Title: Revocable Attribute based Cloud Security for Data Access using Encryption and Biometric Identification

Issue Number: Vol. 9, No. 4
Year of Publication: Dec - 2019
Page Numbers: 187-192
Authors: Maryam Safarian Nejad, Mohammad V. Malakooti, Navid Hashemi Taba
Journal Name: International Journal of Digital Information and Wireless Communications (IJDIWC)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P002634


Cloud computing is an emerging technology in which it has been used to provide an efficient solution for the affordable, trustable, and fastest storage and retrieval of the information. The only problem in cloud computing is security that has been considered by researchers and several methods for providing secure access control are presented. Our method is based on the attribute-based information that provides secure connection to the cloud storage and servers. Our Revocable Attribute- Based Symmetric Encryption (RABSE) is proposed for generating a text-based Policy key that can be used to access the cloud server when the policy key is used to authenticate the user by the server. Once the Policy key is authenticated the server will issue One Time Password (OTP) that can be used for accessing database in the cloud storage. The structure of policy key authentication will be changed occasionally to grant the data access to new users or revoke the privilege of the some users. The information stored in the cloud storage facilities are encrypted and must be decrypted prior to usage. We have used the symmetric key cryptography, the same key for both encryption and decryption processes rather than asymmetric which the public key is used for encryption and private key will be used for decryption processes. Each user will be connected to the server after user has entered the required attributes for server access control. Once the server has issued the access control privilege the user can encrypt the information of its own area. The data are encrypted in different area and each user can only access to its own privilege area. The user can decrypt the first part of the information, low level security area; after server confirmed the user authentication and OPT issued by server to unlock the database. The user will run the Malakooti-Raeisie (M-R) Key Gen algorithm to generate the secret keys required for XOR operation after descrambling process is finished. The user also can decrypt the information on the second and third parts of user area, mid and high level security area, which required fingerprint identification for the second part, and additional face image recognition for the third part.