Cloud computing has revolutionized the way businesses and organizations store and manage their data. With the increasing reliance on cloud technology, it has become imperative for organizations to ensure that their data is protected from cyber threats and breaches. Cloud security is therefore a critical concern for organizations, as it involves the protection of confidential information stored in the cloud from unauthorized access, theft, and loss.
Cyber-attacks have become a serious threat to modern society, especially in the context of a rapidly developing digital infrastructure. India is no exception and has experienced a significant increase in cybercrime in recent years. The country's fast-growing economy and expanding digital footprint have made it an attractive target for cyber criminals. With the increasing digitization of various sectors and the growing dependence on technology, India is facing a rapid rise in cybercrime. The country's expanding digital infrastructure, coupled with a lack of awareness and inadequate cyber security measures, has made it a prime target for cyber criminals.
Cyber-attacks in India have increased significantly in recent years. According to reports, there has been a surge of more than 300% cybercrime in India over the past few years. Comparatively, the increase in cybercrime has been a global trend. However, the extent of the increase in cybercrime varies by region and country. Nevertheless, India has been one of the countries that have seen a substantial increase in cybercrime in recent years.
In Fig. 1, the increase in cyber-attacks in various parts of Asia is shown. India has witnessed a drastic reduction in number of cyber breaches in 2022. This affects India to drop from third to seventh amongst most cyber breached countries. According to reports by Swedish VPN services company Surfshark, over 4.7 million email accounts got breached in India. The 4.7 million email accounts that were breached in 2022 represent a 94 percent increase compared to 2021. The reduction of data breaches in India went in parallel with global trend of reduced breaches.
There are various security measures that can prevent cyber-attacks, such as firewalls, antivirus, anti-malware software, encryption, access controls, and network segmentation. The efficiency of the methods used will be dependent on various reasons or factors, including the level of security required, the complexity of the network and systems, and the level of threats. A comprehensive security strategy that includes multiple layers of security measures provides better protection than relying on a single method, but no security method can guarantee 100% protection against cyber-attacks, as the threat landscape is constantly evolving.
Signcryption is a cryptographic technique that combines the properties of digital signatures and encryption, providing confidentiality, integrity, and authenticity of a message in a single operation. Multi-authority signcryption allows multiple authorities to securely encrypt and sign a message, each contributing to the overall security of the system. A constant size ciphertext refers to the property of the encrypted message being of a fixed size, regardless of the size of the plaintext.
Signcryption has the drawback of being computationally intensive compared to traditional encryption and signature operations. Multi-authority signcryption can be challenging to manage and secure, as it requires coordination and trust between multiple entities. In constant size ciphertext, information loss and decrease in quality of data can occur as a result of compression techniques used to achieve a fixed size. Additionally, constant size ciphertext can also increase the chance of the encrypted message being vulnerable to known plaintext attacks, which can compromise the confidentiality of the data. Furthermore, the fixed size of the ciphertext can also limit the flexibility of the system in terms of the size of the plaintext that can be encrypted.
In this project, the focus will be on providing enhanced security for cloud data. To achieve this goal, various techniques and methods can be utilized, by integrating an efficient AES-256 algorithm for encryption and decryption, and incorporating user attribute updates and revocation mechanisms. The objective of this project is to design a secure and efficient signcryption scheme that can provide data protection in cloud environments. The outcome of this project will be a solution that balances security and efficiency with time complexity that provides a secure way to store the data and access them from the cloud.
1.1. Security concerns
Cloud data authentication and confidentiality are two critical aspects of cloud security that ensure the protection of sensitive information stored in the cloud.
Cloud data authentication is the process in which the authenticity of a user or system attempting to access cloud data. It helps to mitigate unauthorized access to sensitive data by ensuring that only authorized users can access the data. To achieve data authentication, cloud service providers use techniques such as usernames and passwords, digital certificates, and two-factor authentication.
Cloud data confidentiality refers to the protection of sensitive data from unauthorized access, theft, or exposure. Confidentiality is essential for maintaining the privacy of users' data, protecting sensitive business information, and ensuring concurrence with privacy regulations as per the General Data Protection Regulation (GDPR). To achieve data confidentiality, cloud service providers use encryption to encrypt sensitive data both in transit and at rest, as well as access control mechanisms to restrict data access to users.
Cloud has several security risks and concerns. However, this part comprises of issues in public and private clouds, data in idle and transit state, data loss, data breach, Denial of Service (DOS) attacks and so on.
Public cloud storage is an important concern in cloud computing as it is very much an open target for hackers. The resources are stored in complicated systems in combination with hardware and software but it can expose the data if a data breach occurs. In order to minimize risks, it is recommended to use private clouds for sensitive data.
Data in idle state refers to the data stored in the cloud. An organization must maintain a private cloud to have control over the data present in the cloud. As mentioned previously, the data is not easy to maintain if they have a public cloud. Private cloud helps in bettering the security.
Data in transit state refers to the data that is in motion from one server to another or from server to a local system or from a local system to a server. The file can be requested from any location at any time. Data which is in motion is very prone to breaches from various other sources. It is also exposed to other factors such as data manipulation and loss. Figure 2. Illustrates about the data in idle and transit state.
Data loss is also known as data leakage. It can be termed as a process where the data can be deleted or corrupted by a user or software or application. Without any authorization, a third-party application accessing the data leads to a data breach.
When the system receives too much of traffic to buffer the server, denial of service attack occurs. It is usually done to target a large organization to make the users inaccessible to the data provided.
In conclusion, cloud data authentication and confidentiality are critical components of cloud security that work together to protect sensitive data and maintain the privacy and confidentiality of users' data in the cloud. To ensure the security of cloud data, organizations need to employ robust authentication and confidentiality mechanisms and stay informed about the latest security threats and trends.
1.2. Motivation
The motivation behind the project is to address the security challenges faced in the current cloud storage systems. With the increasing use of cloud storage for storing sensitive data, the need for secure communication between multiple authorities and secure access control policies is becoming more critical. Traditional digital signature and encryption methods may not be adequate in such scenarios, as they are computationally intensive and may not support multiple authorities or attribute-based access control.
The goal of this project is to develop a system that efficiently provides confidentiality, integrity, and authenticity of data in a multi-authority environment, while also accommodating attribute-based access control policies. The system can be used to secure sensitive data stored in cloud storage systems, improving the overall security and privacy of the data. Additionally, the efficiency of the system can also reduce the computational overhead and latency associated with data transmission, making it a practical solution for real-world applications. This project can make a significant contribution to the field of cloud storage security, helping to address the current security challenges faced by organizations and individuals who rely on cloud storage.
1.3. Paper Organization
In Section 2, illustrates the existing works and advancements. Section 3 is the proposed model. The overall performance analysis is framed in Section 4. The conclusion and the future work of the model is described in Section 5.