Secure Data Access Control with User Scalability in Cloud Computing
1 N. Balasupramanian, 2 S. Udhaya Shree
1,2 Assistant Professor, Department of Computer Applications, Rajiv Gandhi College of Engineering and Technology, Puducherry
Abstract--The key definition of cloud computing is the “Cloud”. A cloud is a large group of interconnected servers or personal computers. Cloud computing is a lot bigger than network computing, as it encompasses multiple companies, multiple servers, and multiple networks. The most obvious disadvantages of web-based applications have long been considered to be the security risks and scalability. Here we focus on new challenges for secure data and access control when users outsource sensitive data for sharing on cloud servers, which are not within the same authorized domain as data owners. To keep sensitive data confidential against unauthorized servers, the existing systems normally use cryptographic methods by providing data decryption keys only to authorized users. Applying this logic, however, places a heavy computation overhead on the data owner for key distribution and data management, which may not ultimately result in user scalability. The aim of achieving secure data access control with user scalability therefore remains unresolved.
This paper addresses this challenging open issue by defining and applying access policies based on data attributes and by allowing the data owner to delegate most of the computation tasks involved in secure data access control to unauthorized cloud servers without disclosing the underlying information present in the message sent. We attain this goal by applying cryptographic techniques such as Key policies attribute-based encryption and P-L re-encryption. Extensive analysis shows that our proposed scheme is highly efficient and provably secure under existing security models.

Keywords-Cloud, Delegation, P-L re-encryption, KP-Attribute based encryption.
I. INTRODUCTION

Cloud computing is a promising computing paradigm which recently has drawn extensive attention from both academia and industry. By combining a set of existing and new techniques from research areas such as Service-Oriented Architectures (SOA) and virtualization, cloud computing is regarded as such a computing paradigm in which resources in the computing infrastructure are provided as services over the Internet. Along with this new paradigm, various business models are developed, which can be described by terminology of X as a service (XaaS) [1] where X could be software, hardware, data storage, and etc. Successful examples are Amazon's EC2 and S3 [2], Google App Engine [3], and Microsoft Azure [4] which provide users with scalable resources in the pay-as-you use fashion at relatively low prices. For example, Amazon's S3 data storage service just charges $0.12 to $0.15 per gigabyte month. As compared to building their own infrastructures, users are able to save their investments significantly by migrating businesses into the cloud.
Proceedings of National Conference on Advanced Computing and Communication-NCACC11, April.16, 2011

privacy issue, but also of juristic concerns. For example, in healthcare application scenarios use and disclosure of protected health information (PHI) should meet the requirements of Health Insurance Portability and Accountability Act (HIPAA) [5], and keeping user data confidential against the storage servers is not just an option, but a requirement. Furthermore, we observe that there are also cases in which cloud users themselves are content providers. They publish data on cloud servers for sharing and need fine-grained data access control in terms of which user (data consumer) has the access privilege to which types of data. In the healthcare case, for example, a medical center would be the data owner who stores millions of healthcare records in the cloud. It would allow data consumers such as doctors, patients, researchers and etc, to access various types of healthcare records under policies admitted by HIPAA. To enforce these access policies, the data owners on one hand would like to take advantage of the abundant resources that the cloud provides for efficiency and economy; on the other hand, they may want to keep the data contents confidential against cloud servers.

As a significant research area for system protection, data access control has been evolving in the past thirty years and various techniques [6]-[9] have been developed to effectively implement fine-grained access control, which allows flexibility in specifying differential access rights of individual users. Traditional access control architectures usually assume the data owner and the servers storing the data are in the same trusted domain, where the servers are fully entrusted as an omniscient reference monitor [10] responsible for defining and enforcing access control policies. This assumption however no longer holds in cloud computing since the data owner and cloud servers are very likely to be in two different domains. On one hand, cloud servers are not entitled to access the outsourced data content for data confidentiality; on the other hand, the data resources are not physically under the full control of the owner. For the purpose of helping the data owner enjoy fine-grained access control of data stored on untrusted cloud servers, a feasible solution would be encrypting data through certain cryptographic primitive(s), and disclosing decryption keys only to authorized users. Unauthorized users, including cloud servers, are not able to decrypt since they do not have the data decryption keys. This general method actually has been widely adopted by existing works [11]-[14] which aim at securing data storage on untrusted servers.
One critical issue with this branch of approaches is how to achieve the desired security goals without introducing a high complexity on key management and data encryption. These existing works, as we will discuss in section V-C, resolve this issue either by introducing a per file access control list (ACL) for fine-grained access control, or by categorizing files into several file groups for efficiency. As the system scales, however, the complexity of the ACL-based scheme would be proportional to the number of users in the system. The file group-based scheme, on the other hand, is just able to provide coarse-grained data access control. It actually still remains open to simultaneously achieve the goals of fine-grainedness, scalability, and data confidentiality for data access control in cloud computing.

In this paper, we address this open issue and propose a secure and scalable fine-grained data access control scheme for cloud computing. Our proposed scheme is partially based on our observation that, in practical application scenarios each data file can be associated with a set of attributes, which are meaningful in the context of interest. The access structure of each user can thus be defined as a unique logical expression over these attributes to reflect the scope of data files that the user is allowed to access. As the logical expression can represent any desired data file set, fine-grainedness of data access control is achieved. To enforce these access structures, we define a public key component for each attribute. Data files are encrypted using public key components corresponding to their attributes. User secret keys are defined to reflect their access structures so that a user is able to decrypt a ciphertext if and only if the data file attributes satisfy his access structure. Such a design also brings about the efficiency benefit, as compared to previous works, in that, 1) the complexity of encryption is just related the number of attributes associated to the data file, and is independent to the number of users in the system; and 2) data file creation/deletion and new user grant operations just affect current file/user without involving system-wide data file update or re-keying.

One extremely challenging issue with this design is the implementation of user revocation, which would inevitably require re-encryption of data files accessible to the leaving user, and may need update of secret keys for all the remaining users. If all these tasks are performed by the data owner himself/herself, it would introduce a heavy computation overhead on him/her and may also require the data owner to be always online. To resolve this challenging issue, our proposed scheme enables the data owner to delegate tasks of data file re-encryption and user secret key update to cloud servers without disclosing data contents or user access privilege information.
Adhiparasakthi Engineering College, Melmaruvathur

II. MODELS AND ASSUMPTIONS

A. System Models

Similar to [17], we assume that the system is composed of the following parties: the Data Owner, many Data Consumers, many Cloud Servers, and a Third Party Auditor if necessary. To access data files shared by the data owner, Data Consumers, or users for brevity, download data files of their interest from Cloud Servers and then decrypt. Neither the data owner nor users will be always online. They come online just on the necessity basis. For simplicity, we assume that the only access privilege for users is data file reading. Extending our proposed scheme to support data file writing is trivial by asking the data writer to sign the new data file on each update as [12] does. From now on, we will also call data files by files for brevity. Cloud Servers are always online and operated by the Cloud Service Provider (CSP). They are assumed to have abundant storage capacity and computation power. The Third Party Auditor is also an online party which is used for auditing every file access event. In addition, we also assume that the data owner can not only store data files but also run his own code on Cloud Servers to manage his data files. This assumption coincides with the unified ontology of cloud computing which is recently proposed by Youseff et al. [18].

B. Security Models

In this work, we just consider Honest but Curious Cloud Servers as [14] does. That is to say, Cloud Servers will follow our proposed protocol in general, but try to find out as much secret information as possible based on their inputs. More specifically, we assume Cloud Servers are more interested in file contents and user access privilege information than other secret information. Cloud Servers might collude with a small number of malicious users for the purpose of harvesting file contents when it is highly beneficial. Communication channel between the data owner/users and Cloud Servers are assumed to be secured under existing security protocols such as SSL. Users would try to access files either within or outside the scope of their access privileges. To achieve this goal, unauthorized users may work independently or cooperatively. In addition, each party is preloaded with a public/private key pair and other parties when necessary can easily obtain the public key.
Our main design goal is to help the data owner achieve fine-grained access control on files stored by Cloud Servers.
III. TECHNIQUE PRELIMINARIES

A. Key Policy Attribute-Based Encryption (KP-ABE)

KP-ABE [15] is a public key cryptography primitive for one-to-many communications. In KP-ABE, data are associated with attributes for each of which a public key component is defined. The encryptor associates the set of attributes to the message by encrypting it with the corresponding public key components. Each user is assigned an access structure which is usually defined as an access tree over data attributes, i.e., interior nodes of the access tree are threshold gates and leaf nodes are associated with attributes. User secret key is defined to reflect the access structure so that the user is able to decrypt a ciphertext if and only if the data attributes satisfy his access structure. A KP-ABE scheme is composed of four algorithms which can be defined as follows:

Setup: This algorithm takes as input a security parameter $\kappa$ and the attribute universe $U = \{1, 2, \ldots, N\}$ of cardinality $N$. It defines a bilinear group $G_1$ of prime order $p$ with a generator $g$, a bilinear map $e : G_1 \times G_1 \to G_2$ which has the properties of bilinearity, computability, and non-degeneracy. It returns the public key $PK$ as well as a system master key $MK$ as follows

$PK = (Y, T_1, T_2, \ldots, T_N)$
$MK = (y, t_1, t_2, \ldots, t_N)$

where $T_i \in G_1$ and $t_i \in Z_p$ are for attribute $i$, $1 \le i \le N$, and $Y \in G_2$ is another public key component.

$SK = \{sk_i\}_{i \in L}$

Decryption: This algorithm takes as input the ciphertext $E$ encrypted under the attribute set $I$, the user's secret key $SK$ for access tree $T$, and the public key $PK$. It first computes $e(E_i, sk_i) = e(g, g)^{p_i(0)s}$ for leaf nodes. Then, it aggregates these pairing results in the bottom-up manner using the polynomial interpolation technique. Finally, it may recover the blind factor $Y^s = e(g, g)^{ys}$ and output the message $M$ if and only if $I$ satisfies $T$.

Please refer to [15] for more details on KP-ABE algorithms. [19] is an enhanced KP-ABE scheme which supports user secret key accountability.
B. P-L Re-Encryption (P-L RE)

Proxy Re-Encryption (PRE) is a cryptographic primitive in which a semi-trusted proxy is able to convert a ciphertext encrypted under Alice's public key into another ciphertext that can be opened by Bob's private key without seeing the underlying plaintext. More formally, a PRE scheme allows the proxy, given the proxy re-encryption key $rk_{a \leftrightarrow b}$, to translate ciphertexts under public key $pk_a$ into ciphertexts under public key $pk_b$ and vice versa. Please refer to [16] for more details on proxy re-encryption schemes. Lazy re-encryption is just updating the secret key for the data owner.
IV. OUR PROPOSED SCHEME
A. Main Idea

In order to achieve secure, scalable and fine-grained access control on outsourced data in the cloud, we utilize and uniquely combine the following three advanced cryptographic techniques: KP-ABE, PRE and lazy re-encryption. More specifically, we associate each data file with a set of attributes, and assign each user an expressive access structure which is defined over these attributes. To enforce this kind of access control, we utilize KP-ABE to escort data encryption keys of data files. Such a construction enables us to immediately enjoy fine-grainedness of access control. However, this construction, if deployed alone, would introduce heavy computation overhead and cumbersome online burden towards the data owner, as he is in charge of all the operations of data/user management. Specifically, such an issue is mainly caused by the operation of user revocation, which inevitably requires the data owner to re-encrypt all the data files accessible to the leaving user, or even needs the data owner to stay online to update secret keys for users.

To resolve this challenging issue and make the construction suitable for cloud computing, we uniquely combine PRE with KP-ABE and enable the data owner to delegate most of the computation intensive operations to Cloud Servers without disclosing the underlying file contents. Such a construction allows the data owner to control access of his data files with a minimal overhead in terms of computation effort and online time, and thus fits well into the cloud environment. Data confidentiality is also achieved since Cloud Servers are not able to learn the plaintext of any data file in our construction. For further reducing the computation overhead on Cloud Servers and thus saving the data owner's investment, we take advantage of the lazy re-encryption technique and allow Cloud Servers to aggregate computation tasks of multiple system operations.

As we will discuss in section V-B, the computation complexity on Cloud Servers is either proportional to the number of system attributes, or linear to the size of the user access structure/tree, which is independent to the number of users in the system. Scalability is thus achieved. In addition, our construction also protects user access privilege information against Cloud Servers. Accountability of user secret key can also be achieved by using an enhanced scheme of KP-ABE.
B. Definition and Notation

For each data file the owner assigns a set of meaningful attributes which are necessary for access control. Different data files can have a subset of attributes in common. Each attribute is associated with a version number for the purpose of attribute update as we will discuss later. Cloud Servers keep an attribute history list AHL which records the version evolution history of each attribute and PRE keys used.
C. Scheme Description

For clarity we will present our proposed scheme in two levels: System Level and Algorithm Level. At system level, we describe the implementation of high level operations, i.e., System Setup, New File Creation, New User Grant, and User Revocation, File Access, File Deletion, and the interaction between involved parties. At algorithm level, we focus on the implementation of low level algorithms that are invoked by system level operations.

1) System Level Operations: System level operations in our proposed scheme are designed as follows.

System Setup: In this operation, the data owner chooses a security parameter $\kappa$ and calls the algorithm level interface ASetup($\kappa$), which outputs the system public parameter PK and the system master key MK. The data owner then signs each component of PK and sends PK along with these signatures to Cloud Servers.

New File Creation: Before uploading a file to Cloud Servers, the data owner processes the data file as follows.
• select a unique ID for this data file
• randomly select a symmetric data encryption key $DEK \leftarrow_R \mathcal{K}$, where $\mathcal{K}$ is the key space, and encrypt the data file using DEK
• define a set of attribute $I$ for the data file and encrypt DEK with $I$ using KP-ABE, i.e., $(\tilde{E}, \{E_i\}_{i \in I}) \leftarrow AEncrypt(I, DEK, PK)$.

New User Grant
scheme into two stages as is shown in Fig. 4. In the first stage, the data owner determines the minimal set of attributes, redefines MK and PK for involved attributes, and generates the corresponding PRE keys. He then sends the user's ID, the minimal attribute set, the PRE keys, the updated public key components, along with his signatures on these components to Cloud Servers, and can go off-line again. Cloud Servers, on receiving this message from the data owner, remove the revoked user from the system user list UL, store the updated public key components as well as the owner's signatures on them, and record the PRE key of the latest version in the attribute history list AHL for each updated attribute. AHL of each attribute is a list used to record the version evolution history of this attribute as well as the PRE keys used. Every attribute has its own AHL. With AHL, Cloud Servers are able to compute a single PRE key that enables them to update the attribute from any historical version to the latest version.

File Access: This is also the second stage of user revocation. In this operation, Cloud Servers respond user request on data file access, and update user secret keys and re-encrypt requested data files if necessary. As is depicted in Fig. 4, Cloud Servers first verify if the requesting user is a valid system user in UL. If true, they update this user's secret key components to the latest version and re-encrypt the DEKs of requested data files using the latest version of PK. Notably, Cloud Servers will not perform update/re-encryption if secret key components/data files are already of the latest version. Finally, Cloud Servers send updated secret key components as well as ciphertexts of the requested data files to the user. On receiving the response from Cloud Servers, the user first verifies if the claimed version of each attribute is really newer than the current version he knows. For this purpose, he needs to verify the data owner's signatures on the attribute information (including the version information) and the corresponding public key components, i.e., tuples of the form $(j, T)$ in Fig. 4. If correct, the user further verifies if each secret key component returned by Cloud Servers is correctly computed.

File Deletion: This operation can only be performed at the request of the data owner. To delete a file, the data owner sends the file's unique ID along with his signature on this ID to Cloud Servers. If verification of the owner's signature returns true, Cloud Servers delete the data file.

2) Algorithm level operations: Algorithm level operations include eight algorithms: ASetup, AEncrypt, AKeyGen, ADecrypt, AUpdateAtt, AUpdateSK, AUpdateAtt4File, and AMinimalSet. As the first four algorithms are just the same as Setup, Encryption, Key Generation, and Decryption of the standard KP-ABE respectively, we focus on our implementation of the last four algorithms. Fig. 5 depicts two of the four algorithms.

AUpdateAtt: This algorithm updates an attribute to a new version by redefining its system master key and public key component. It also outputs a proxy re-encryption key between the old version and the new version of the attribute.

AUpdateAtt4File: This algorithm translates the ciphertext component of an attribute $i$ of a file from an old version into the latest version. It first checks the attribute history list of this attribute and locates the position of the old version. Then it multiplies all the PRE keys between the old version and the latest version and obtains a single PRE key. Finally it applies this single PRE key to the ciphertext component $E_i$ and returns $E_i^{(n)}$ which coincides with the latest definition of attribute $i$.

AUpdateSK: This algorithm translates the secret key component of attribute $i$ in the user secret key SK from an old version into the latest version. Its implementation is similar to AUpdateAtt4File except that, in the last step it applies $(rk_{i \leftrightarrow i^{(n)}})^{-1}$ to $SK_i$ instead of $rk_{i \leftrightarrow i^{(n)}}$. This is because $t_i$ is the denominator of the exponent part of $SK_i$ while in $E_i$ it is a numerator.

AMinimalSet: This algorithm determines a minimal set of attributes without which an access tree will never be satisfied. For this purpose, it constructs the conjunctive normal form (CNF) of the access tree, and returns attributes in the shortest clause of the CNF formula as the minimal attribute set.
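An added example, not taken from the paper: a small Python model of an access tree built from threshold gates, the CNF construction that AMinimalSet relies on, and the resulting minimal attribute set. The tuple encoding of the tree, the function names and the sample attributes are assumptions made for this illustration.

```python
from itertools import combinations, product

# Access tree encoding (constructed for this example, not the paper's format):
#   a leaf is an attribute name (str);
#   an interior node is (k, [children]), a "k-of-n" threshold gate,
#   so AND is (n, [...]) and OR is (1, [...]).

def satisfies(tree, attrs):
    """True if the attribute set satisfies the access tree."""
    if isinstance(tree, str):
        return tree in attrs
    k, children = tree
    return sum(satisfies(c, attrs) for c in children) >= k

def cnf_clauses(tree):
    """Clauses (frozensets of attributes) of a CNF equivalent to the tree.

    A k-of-n gate fails exactly when n-k+1 of its children fail, so it is
    the AND, over every group of n-k+1 children, of "some child in the group
    holds". Each such OR is distributed over the children's own clauses.
    """
    if isinstance(tree, str):
        return {frozenset([tree])}
    k, children = tree
    child_cnfs = [cnf_clauses(c) for c in children]
    clauses = set()
    for group in combinations(child_cnfs, len(children) - k + 1):
        for pick in product(*group):
            clauses.add(frozenset().union(*pick))
    # Absorption: drop any clause that strictly contains another clause.
    return {c for c in clauses
            if not any(o != c and o.issubset(c) for o in clauses)}

def minimal_attribute_set(tree):
    """Attributes of the shortest CNF clause (ties broken by sorted names)."""
    return min(cnf_clauses(tree), key=lambda c: (len(c), sorted(c)))

# Constructed sample: (cardiology AND lab results) OR (cardiology AND imaging)
SAMPLE_TREE = (1, [
    (2, ["dept:cardiology", "type:lab_result"]),
    (2, ["dept:cardiology", "type:imaging"]),
])
ALL_ATTRS = {"dept:cardiology", "type:lab_result", "type:imaging"}

if __name__ == "__main__":
    minimal = minimal_attribute_set(SAMPLE_TREE)
    print("CNF clauses:", sorted(sorted(c) for c in cnf_clauses(SAMPLE_TREE)))
    print("minimal set:", sorted(minimal))
    # Without the minimal set, no remaining attributes can satisfy the tree.
    print("still satisfiable:", satisfies(SAMPLE_TREE, ALL_ATTRS - minimal))
```

Updating only the attributes in the returned set is enough to invalidate the leaving user's key, because every satisfying attribute set must contain at least one of them.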
D. Summary

In our proposed scheme, we exploit the technique of hybrid encryption to protect data files, i.e., we encrypt data files using symmetric DEKs and encrypt DEKs with KP-ABE. Using KP-ABE, we are able to immediately enjoy fine-grained data access control and efficient operations such as file creation/deletion and new user grant. To resolve the challenging issue of user revocation, we combine the technique of proxy re-encryption with KP-ABE and delegate most of the burdensome computational task to Cloud Servers. file re-encryption operations into one, and thus statistically save the computation overhead.
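An added example, not the paper's code: the attribute history list and the lazy re-encryption arithmetic of AUpdateAtt, AUpdateAtt4File and AUpdateSK in a toy prime-order group. It assumes the standard KP-ABE component forms E_i = g^(t_i s) and sk_i = g^(p_i(0)/t_i) and a PRE key of the form rk = t'/t modulo the group order; the group parameters and all numbers are constructed, and no pairing is computed.

```python
import secrets

# Toy Schnorr group, constructed for the demo and far too small for real use:
# P = 2*Q + 1 with P, Q prime, and G generates the subgroup of prime order Q.
# The scheme works in a pairing group; the exponent arithmetic is the same.
P, Q, G = 2039, 1019, 4

def inv(x):
    """Inverse of an exponent modulo the group order Q (Python 3.8+)."""
    return pow(x, -1, Q)

def update_att(t_old, t_new=None):
    """AUpdateAtt (owner): new master component t', public T' = g^t', and
    the PRE key rk = t'/t mod Q (assumed form, see the lead-in)."""
    if t_new is None:
        t_new = secrets.randbelow(Q - 1) + 1
    return t_new, pow(G, t_new, P), t_new * inv(t_old) % Q

def single_rk(ahl, version):
    """Server: fold every PRE key recorded after `version` into one key.
    ahl[j] is the key that moves the attribute from version j to j + 1."""
    rk = 1
    for key in ahl[version:]:
        rk = rk * key % Q
    return rk

def update_att_for_file(e_i, ahl, version):
    """AUpdateAtt4File: E_i = g^(t*s) -> g^(t_latest*s); t is a numerator."""
    return pow(e_i, single_rk(ahl, version), P)

def update_sk(sk_i, ahl, version):
    """AUpdateSK: sk_i = g^(p0/t) -> g^(p0/t_latest); t is a denominator,
    so the inverse of the folded key is applied."""
    return pow(sk_i, inv(single_rk(ahl, version)), P)

def demo():
    # Constructed owner-side secrets for one attribute i.
    t = [123]                 # t[v] = master key component at version v
    ahl = []                  # attribute history list kept by the server
    s, p0 = 77, 310           # encryption randomness, key share p_i(0)
    e_v0 = pow(G, t[0] * s % Q, P)          # ciphertext component, version 0
    sk_v0 = pow(G, p0 * inv(t[0]) % Q, P)   # user key component, version 0

    # Three revocations touch this attribute; the server records only rk.
    for t_new in (456, 789, 1001):
        t_next, _pub, rk = update_att(t[-1], t_new)
        t.append(t_next)
        ahl.append(rk)

    # A file encrypted at version 1 that nobody has requested since.
    e_v1 = pow(G, t[1] * 55 % Q, P)

    latest = t[-1]
    return {
        "file_v0": update_att_for_file(e_v0, ahl, 0) == pow(G, latest * s % Q, P),
        "file_v1": update_att_for_file(e_v1, ahl, 1) == pow(G, latest * 55 % Q, P),
        "sk_v0": update_sk(sk_v0, ahl, 0) == pow(G, p0 * inv(latest) % Q, P),
        "noop": update_att_for_file(e_v0, ahl, len(ahl)) == e_v0,
        "stale_key_differs": sk_v0 != update_sk(sk_v0, ahl, 0),
    }

if __name__ == "__main__":
    print(demo())
```

Each stale component costs the server one exponentiation regardless of how many versions it skipped, which is the aggregation that lazy re-encryption buys.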
V. ANALYSIS OF OUR PROPOSED SCHEME

A. Security Analysis
2) User Access Privilege Confidentiality: Our proposed scheme just discloses the leaf node information of a user access tree to Cloud Servers. As interior nodes of an access tree can be any threshold gates and are unknown to Cloud Servers, it is hard for Cloud Servers to recover the access structure and thus derive user access privilege information.

3) User Secret Key Accountability: This property can be immediately achieved by using the enhanced construction of KP-ABE [19] which can be used to disclose the identities of key abusers. Now we analyze data confidentiality of our proposed scheme by giving a cryptographic security proof.

4) Data Confidentiality:

B. Performance Analysis

This section represents the cloud security responsibilities between the data owners and the users.

C. Related Work

Existing work close to ours can be found in the areas of achieve secure and scalable fine-grained data access control in cloud computing.

VI. CONCLUSION

This paper aims at secure data access control with user scalability in cloud computing. One challenge in this context is to achieve data access control, data confidentiality, and scalability simultaneously, which is not provided in the existing system. In this paper we propose a scheme to attain this goal by exploiting KP-ABE and uniquely combining it with techniques of P-L encryption. Moreover, our proposed scheme can enable the data owner to delegate most of computation overhead to powerful cloud servers. Confidentiality of user access privilege and user secret key accountability can be achieved. Formal security proofs show that our proposed scheme is secure under standard cryptographic models.

VII. REFERENCES
[1] M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, Above the clouds: A Berkeley view of cloud computing, University of California, Berkeley, Tech. Rep. USB-EECS-2009-28, Feb 2009.
[2] Amazon /aws.amazon.com.
[3] Google App Engine, Online at http://code.google.com/appengine/.
[4] Microsoft Azure, http://www.microsoft.com/azure/.
[5] 104th United States Congress, Health Insurance Portability and Accountability Act of 1996 (HIPPA), Online at http://aspe.hhs.gov/admnsimp/pl104191.htm, 1996.
[6] H. Harney, A. Colgrove, and P. D. McDaniel, Principles of policy in secure groups, in Proc. of NDSS'01, 2001.
[7] P. D. McDaniel and A. Prakash, Methods and limitations of security policy reconciliation, in Proc. of SP'02, 2002.
[8] T. Yu and M. /seclab.cs.ucdavis.edu/projects/history/.
[11] M. Kallahalla, E. Riedel, R. Swaminathan, Q. P, 1998.
[17] Q. , 2009.
[18] L. Youseff, M. Butrico, and D. D. Silva, Toward a unified ontology of cloud computing, in Proc. of GCE'08, 2008.
[19] S. Yu, K. Ren, W. Lou, and J. Li, Defending against key abuse attacks in KP-ABE enabled broadcast systems, in Proc. of SECURECOMM'09, 2009.
[20] D. Sheridan, The optimality of a fast CNF conversion and its use with SAT, in Proc. of SAT'04, 2004.
[21] D. Naor, M. Naor, and J. B. Lotspiech, Revocation and tracing schemes for stateless receivers, in Proc. of CRYPTO'01, 2001.
[22] M. Atallah, K. Frikken, and M. Blanton, Dynamic and efficient key management for access hierarchies, in Proc. of CCS'05, 2005.