Assignment - IEEE papers PDF

Preview

Summary

IEEE papers...

Description

Assignment

Student name: Ameer Ahmed ID: 501006153

What is the problem? What are the motivations for this work? The paper writes about an e-health system for patients. Usually to have an e-system, this requires datacenter located physically within the premises of the entity in which it holds all responsibility of securing this system, from physical security up to application layer security which will make the authentication and access control hard and less-secure. This requires the presence of qualified staff and hardware specifications which will increase the cost and managing needed for such system. The motivation for this work is to reduce cost, efforts and increase security at the same time by moving to the cloud. When moving to a cloud, the first benefit gained is that this system will be protected by the cloud security, which in most cases very tight and strict than normal on-premises security, second motivation is 24/7 availability via the cloud due to the redundancy nature of the cloud and the availability options it has since the cloud will provide more secure ways to support the dynamic and controlled information exchange. What is the proposed solution? Why the solution solves the problem better than previous solutions. Weakness? The proposed solution is to minimize the computational overhead on the data owner’s side (patients and medical centers) as well as the time that data owners are required to be available online. The data owners will upload encrypted searchable indexes to enable multiple keyword searching over the encrypted data along with the encrypted data to the cloud server without disclosing the contents. Then the decryption keys are provided only to authorized users during the access control process. Valid and certified token is needed for every and each user in order to access the data via a secure communication channel in which the server will send data. The authentication model is based on a challenge-response protocol which keeps user sensitive information confidential. While for the access control management, it will be on two phases, phase one will use a static authorization method to get the highest access rights of users while the second phase will grant the user the least access permissions on the required data. The concept of intention is being utilized to give users the minimum required access rights to limit threats arising from non-needed or mis-provisioned rights that may cause unintended harm. The users’ intentions are set via a received set of keywords related to the roles and job description. These keywords provide levels of finetuned access control to the required data. Public keys along with session keys using DUKPT scheme to establish a secure data exchange between various communicating entities. Previous solutions, one of the proposals is attribute-based access control (ABAC). In this model, a set of meaningful attributes in the context of interest are associated with each data file. To enforce access policies, a public key component for each attribute is defined. Data files are encrypted using public key components corresponding to their attributes. An access structure for users is defined based on the secret keys they have. In this work, although the data owner delegates most of the computational operations to cloud servers, a cloud server is not able to learn about outsourced data. Other approaches also faced same challenge, controlling authentication over the cloud. Another method suggested DACAR platform for the e-Health cloud. This method uses cryptographic approaches to verify identities of users, and rolebased policies to manage the access control to resources. The DACAR platform uses a single point of contact (SPoC), a rule-based information sharing policy syntax and data buckets hosted by a cloud infrastructure, to allow the secure usage of sensitive healthcare data. However, the overhead of patients’ processes is high, and the patient needs to be involved in the process of protecting and disseminating

her/his medical records. Most of these methods focus on just authentication or access control management. How the solution is achieved (designed and implemented)? The solution is achieved by splitting the system into entities as follow: data owners, service provider (SP), cloud server (CS), users (U), and an authentication and access control manager (AAM). The service provider sets and administrates access policies on behalf of data owners. The AAM is a trusted server which manages the process of authentication and access control. Data owners outsource their data files to an SP which determines and manages access control on their behalf. The CS provides the required resources to data owners to store and manage their data on the cloud. This server is typically managed by a cloud service provider (CSP) and can provide abundant storage capacity and computational power on demand. To access health records shared by the SP, interested users submit a valid token with a search query request to the CS. The AAM authenticates the user’s request and provides the proper decryption keys for valid requests. Users can then decrypt the data of interest with these decryption keys. As for the authentication, a challenge-response protocol (Schnorr zero-knowledge identification protocol) will be used to prove the identity of the user. This specific protocol satisfies three main features: completeness (if the statement is true, the honest verifier will be convinced of this fact by an honest prover), soundness (it is unlikely that a cheating prover would convince the honest verifier that a false statement is true), and zero-knowledge (no cheating verifier would gain any additional knowledge other than a statement is true).

As for the implementation, different steps have been followed. User registration where the SP generates a unique secret ID for each user and also will generate a number v=B^(-ID).mod(p) for each user to be used for authentication and token issuance. Data encryption, in which the SP encrypts the data before storing it in the cloud by generating a symmetric data encryption key (SKF) for each data fragment category according to their level of sensitivity. Data search where an approach is used that applies multiple keywords in the search request and returns data ordered by its relevancy to the keywords. User authentication is based on the AMC component that verifies the identity of the user without acquiring information about the user ID. Access control for security policies that specify and regulate the authorized actions that can be carried out in the system. Data access control where the user can send the received token as the search right through a secure channel to the cloud provider hosting the data. The below shows the process of generating a valid token for the user.

What is the evaluation of the proposed solution? For performance evaluation, a test prototype was implemented in amazon EC2 cloud to simulate the CS, SP, and AAM. Below two graphs shows the user requests that were initated from the localmachines.

Below figure, the challenge request time shows the time that the server takes between receiving the request and generating the challenge request based on user information. Challenge validation shows the time that the SP needs to verify the received challenge request from the user. The session time comprises the entire user-perceived time from sending a request until receiving a response. This time includes network time, challenge request, challenge response and challenge validation time.

Also, the breakdown of the response time was measured. Below graph shows the three major components of the total response time. Validation operation (the process of verifying the user response) represents the highest percentage of the overall execution time and the challenge request (the step of sending challenge for the user) is the second highest contributor. Network latency represents a very small component of the request response time.

AAM performance in terms of system throughput and varying workload, below figure shows the increasing number of request in minutes, it shows that the AAM is always responsive and can manage 13984 transactions over 5 minutes.

What are the contributions? Many papers contributed such as S. Yu, C. Wang, K. Ren, and W. Lou, ”Achieving secure, scalable, and finegrained data access control in cloud computing,”. Also L. Yibin, W. Dai, Z. Ming, and M. Qiu, ”Privacy protection for preventing data over-collection in smart city,” IEEE Transactions on Computers, vol. PP, pp. 1, 2015. And, A. Majumder, S. Namasudra, and S. Nath, ”Taxonomy and classification of access control models for cloud environments,” in Continued Rise of the Cloud, pp. 23-53, 2014. [5] N. Kahani, and H. R.

Shahriari, ”An approach for providing privacy and access control in outsourced databases,” 14th International CSI Computer Conference, 2009. Also, D. Ferraiolo, and D. Kuhn, ”Role-based access controls,” in Proceedings of the 15th National Computer Security Conference, pp. 554-563, 1992. And American National Standards Institute. ANSI X9.24-1:2009 Retail Financial Services Symmetric Key Management Part 1: Using Symmetric Techniques, 2009. Also, E. Brier, and T. Peyrin, ”A forward-secure symmetric-key derivation protocol,” in Advances in Cryptology-ASIACRYPT, pp. 250-267, 2010. And N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, ”Privacy-preserving multikeyword ranked search over encrypted cloud data,” IEEE Transaction on Parallel and Distributed Systems, vol 25, pp. 222-233, 2014. Also, C. P. Schnorr, ”Efficient signature generation by smart cards,” Journal of Cryptology, vol 4, pp. 161-174, 1991. And U. Feige, A. Fiat, and A. Shamir, ”Zero-knowledge proofs of identity,” Journal of Cryptology, vol. 1, pp. 77-94, 1988. Also, U. Maurer, ”Unifying zero-knowledge proofs of knowledge,” in Progress Cryptology AFRICACRYPT, pp. 272-286, 2009. And J. T. McCall, ”Zero Knowledge compilers,” in UMM CSci Senior Seminar Conference, pp. 19, December 2013. And B. Wang, S. Yu, W. Lou, and Y. T. Hou, ”Privacypreserving multikeyword fuzzy search over encrypted data in the cloud,” in IEEE Proceedings, INFOCOM, 2014. And W. Sun, W. Lou, Y. T. Hou, and H. Li, ”Privacy-preserving keyword search over encrypted data in cloud computing,” in Secure Cloud Computing, pp. 189-212, 2014.

What future directions do the authors identify? The authors assumed here that the users will have only read access rights for simplicity, what if some users need read/write access? This will make more complex steps for authorization and token granting What ideas did you come up with while reading the paper? The first idea is the security of the cloud itself, what if the cloud itself got compromised, since the AAM can decrypt the data, this means that if an attacker gained access to the cloud this might lead to data breach like what happened with Yahoo. Second point, having all data in the hands of the third party entity (regardless of how big and how secure it is) it means that already the data is exposed to this entity....