An Extended Data Protection Model Based on Cipher-Text-Policy Attribute Based Encryption Model and an XACML Framework in Cloud Computing

Abstract

Cloud Computing is a new service that has a fast growth in IT. It can be utilized for providing software and infrastructure services deployed in data centers. Although there are several benefits of cloud computing, such as the ability to store huge amount of data and to perform a large amount of computations, there are some issues, such as data security and privacy that affect the reliability of cloud computing. Moreover, encryption of the data by data owners and sharing them on cloud leads to different efficiency and secrecy problems. Access control and user authentication are the most critical security issues in cloud computing, because effective access control models ensure that the data are accessed by legal users. Hence, in this paper, we extend the proposed model in [38], and we propose a model to control the access of the encrypted sensitive data from unauthorized users in cloud computing. The proposed model based on Cipher-Text-Policy Attribute Based encryption (CP-ABE) and Extensible Access Control Markup Language (XACML) framework. The proposed model protects the encrypted sensitive data and ensures that the data is accessed only by legal users.

 Keywords:  XACML framework, cloud computing, CP-ABE, access control.