Abstract: Accessing Data and control it is an efficient way to provide data security in the cloud. But in untrusted cloud servers, the data storage and retrival control becomes a challenging in cloud storage systems. Existing access control schemes are not satisfactory in cloud storage systems, because they either produce multiple encrypted copies of the same data or require a fully trusted cloud server. Since this new computing technology requires users to entrust their precious data to cloud providers, in that sense the security and privacy concerns on outsourced data is increasing. Attribute-based encryption (ABE) provides a mechanism for typical access control over encrypted data. But in most ABE systems, the cipher text size and the decryption overhead, which causes for the complexity of the access policy, and also one single Trusted Authority (TA) and Cipher text Policy (CP-ABE) are unable to manage multiple group owners for encryption process and access policy. For achieving scalability, flexibility, and fine-grained access control of data in cloud, we propose Hierarchical Attribute-Set-Based Encryption (HASBE). This is an extension of cipher text-policy Attribute-Set-Based Encryption (ASBE) with a hierarchical structure of users with compound attributes. Through which we will achieve Sophisticated, flexible and scalable data access control with the help of compound attributes of HASBE.In addition to that we are using ECC Elliptic Curve Cryptography Instead of RSA in ABE. This scheme achieves scalability due to its hierarchical structure, but also achieve flexibility and fine-grained access control. In addition, HASBE with ECC employs idol access time to deal with user revocation more efficiently than existing schemes. We formally proved the security of HASBE based on security of the cipher text-policy attribute-based encryption (CP-ABE) scheme by analyzing its performance and computational complexity. We have implemented our scheme and proved that it is both efficient and flexible in dealing with access control for outsourced data in cloud with comprehensive experiments.
Keywords: Cloud Computing, Cloud Data Storage Security, ABE, HASBE, Access Policies, ECC.