Volume 11, Number 4
Applying Geo-Encryption and Attribute Based Encryption to Implement Secure Access
Control in the Cloud
Authors
Abu Salim1, Sachin Tripathi2 and Rajesh Kumar Tiwari3, 1Jazan University, Kingdom of Saudi Arabia, 2Indian Institute of Technology, India and 3RVS College of Eng. & Tech., India
Abstract
Cloud computing is utility-based computing provides many benefits to its clients but security is one aspect which is delaying its adoptions. Security challenges include data security, network security and infrastructure security. Data security can be achieved using Cryptography. If we include location information in the encryption and decryption process then we can bind access to data with the location so that data can be accessed only from the specified locations. In this paper, we propose a method based on the symmetric cryptography, location-based cryptography and ciphertext policy – Attribute-based encryption (CP-ABE) to implements secure access control to the outsourced data. The Symmetric key is used to encrypt that data whereas CP-ABE is used to encrypt the secret key and the location lock value before uploading on the server. User will download encrypted data and the symmetric secret key XORed with the Location Lock value, using his attributes based secret key he can obtain first XORed value of Symmetric secret key and location lock value. Using anti-spoof GPS Location lock value can be obtained which can be used to retrieve the symmetric secret key. We have adopted Massage Authentication Code (MAC) to ensure Integrity and Availability of the data. This protocol can be used in the Bank, government organization, military services or any other industry those are having their offices/work location at a fixed place, so data access can be bounded to that location.
Keywords
Cloud Computing, Secure Access Control, Security issues, Cryptography, Geo Encryption, Attribute-Based Encryption, CP- ABE