Enhancing Role Based Access Control with Privacy in Cloud Computing

Cloud Computing provides high performance, accessibility and low cost for data storing and sharing, provides a better consumption of resources. Cloud service providers compromise an abstraction of infinite storage space for clients to mass data. However, security concerns are the main constraints as we now outsource the storage of data possibly sensitive to cloud providers. To preserve data privacy, a mutual approach is to encrypt data files before the clients upload the encrypted data into the cloud. Data confidentiality becomes the main concern in outsourcing client data to cloud storage and it is also essential for an access control mechanism to prevent data mistreatment within the organization. There is no system designed for secure and efficient data sharing especially for dynamic groups in the cloud. Therefore we propose a secure data sharing scheme by using Role based Access Control (RBAC) and Elliptical Curve Cryptography (ECC) for frequently changed groups and anonymous access. RBAC provides flexible controls and database management by having users mapped to roles and roles mapped to privileges on data objects. ECC based encryption scheme incorporates the cryptographic approaches. ECC with RBAC provides anonymous access control, thereby to address the privacy in data as well as the user identity.  If the group member is revoked, this system provides automatic generation of new public key of existing group and distributed to the group, which eliminate the need to encrypt the data again with this new key therefore any user in the group can access the data in the cloud, which is not accessible by the revoked users. Thus the proposed method provides privacy and data confidentiality in cloud.