Secure Cloud Encryption Using File Hierarchy Attribute

Abstract

Secure Data Sharing enables account-to-account sharing of data through Snowflake database tables, secure views, and secure UDFs. With Secure Data Sharing, no actual data is copied or transferred between accounts. All sharing is accomplished through Snowflake’s unique services layer and metadata store. This is an important concept because it means that shared data does not take up any storage in a consumer account and, therefore, does not contribute to the consumer’s monthly data storage charges. The only charges to consumers are for the compute resources (i.e. virtual warehouses) used to query the shared data. Attribute-based encryption is a type of public-key encryption in which the secret key of a user and the cipher text are dependent upon attributes (e.g. the country in which he lives, or the kind of subscription he has). In such a system, the decryption of a cipher text is possible only if the set of attributes of the user key matches the attributes of the cipher text. There are mainly two types of attribute-based encryption schemes: Key-policy attribute-based encryption (KP-ABE) and cipher text-policy attribute-based encryption (CP-ABE). In KPABE, users’ secret keys are generated based on an access tree that defines the privileges scope of the concerned user, and data are encrypted over a set of attributes. However, CP-ABE uses access trees to encrypt data and users’ secret keys are generated over a set of attributes. Secure data sharing is a challenging problem currently being faced by the cloud computing sector. A novel method of Cipher text policy attribute based encryption (CP-ABE) is presented by paper to overcome the issues. The data from various sources like Medical and military sources, stored in the cloud, tend to have a multilevel hierarchy. But this hierarchy was not explored in CP-ABE.