Cloud computing is generally perceived as the next generation computing structure for hosting and delivering economical services such as platform, software, and infrastructure.
Notwithstanding the various advantages and facilities of cloud computing, privacy and security issues remain a basic concern and impair the growth of this technology. Consequently, this research proposal discusses the possibility of using attribute-based encryption to achieve secure sharing of students’ cloud-based data.
The proposed pilot study will be performed on a university domain that shares student files and will validate the use of attribute-based encryption system for improving security and enhancing the trust of cloud users. This section presents a background of the privacy and security issues characteristic to cloud systems.
As a result, the importance of using attribute-based encryption to eliminate the security and privacy issues of cloud based systems is highlighted.
There are numerous, related research studies that highlight the significance of students’ record systems for improved effectiveness, better student management (Ewing, 2012), advanced student academic follow-up, strict student privacy (Urtel, 2008), and reduced costs (Stowell, Addison, & Smith, 2012).
Using students’ management software will improve the management of student assessment tests, class attendance, class participation, scores, and GPAs. Students and parents monitor the students’ learning progress and examine other extracurricular activities, such as students’ engagement in sports.
Also, the school board can promptly view the students’ academic records and recommend future career paths for the students.
Students’ electronic recording systems offer potential for improved privacy and higher accessibility to required records. Likewise, with the rapid increase in tablet and smartphone use, more students and instructors are ready to migrate to students’ electronic recording system.
Nevertheless, privacy issues have prevented the implementation of cloud-based students’ recording systems. Mobile devices can be operated in almost every environment and may be used to instantly access various networks, and this exposes them to potential privacy risks.
Thus, it becomes difficult to secure students’ scores on mobile devices without compromising students’ privacy. For instance, a mobile virus exploited a vulnerability in Android’s browser to circumvent application authorizations and retrieve users’ data.
Therefore, the possible utilization of mobile technology to access students’ records has highlighted the need to create significant methods for safeguarding the privacy of information, inside and outside the school environment.
Importance of Offline Access
Cloud-based academic systems are gaining acceptance by scholarly institutions, offering students access to their academic records through online environments, such as blackboards and portals. Nevertheless, solely depending on a cloud-based server is restrictive, particularly when students need to access course instructions.
Such events make it necessary for students to be offered offline access to their academic records. In case a physical disaster affects connectivity, students’ academic record systems that function online will be inaccessible.
For instance, Hurricane Katrina exposed various issues with existing cloud-based systems (Tang, Ash, Bates, Overhage & Sands, 2006). Offering offline accessibility enables students to move around with their academic records, and allows them to access the records even in the absence of a connected server.
Cloud-based academic systems must be structured to also respond to cyber threats (Tripathi, Delano, Lund & Rudolph, 2009). Data theft, information compromise, and service attacks on cloud-based systems are more than a hypothetical issue (Prasad & Ahammed, 2014).
Delivering offline access decouples the security of academic records from the system server, thus reducing the server's security requirements (Prasad & Ahammed, 2014).
The proposed study will use recent advancement in attribute-based encryption (ABE). ABE systems allow individual users to decrypt encrypted text if the individuals’ keys match the explicit attributes that were used to create the ciphered text (Bethencourt, Sahai, & Waters, 2007).
Attribute-based encryption is a public-key encryption method: all users can encrypt data, while key generation is restricted (Prasad & Ahammed, 2014).
Two formulations usually describe ABE. Ciphertext-policy ABE (CP-ABE) (Bethencourt, Sahai, & Waters, 2007) is a system that associates each ciphertext with a guideline (policy) describing who is authorized to decrypt it.
The guidelines are usually expressed as Boolean formulas over a set of attributes that are embedded in an individual’s personal key.
For instance, given the characteristics Professor, Supervisor, Princeton University (PU), WorldEducationService and Staff, the following sample guideline can obtain data that may be accessed by a PU professor, a supervisor or a staff of World Education Service:
((Professor ∨ Supervisor) ∧ PU) ∨ (WorldEducationService ∧ Staff)
Another variant of attribute-based encryption is key-policy ABE (KP-ABE), which reverses the connection between key and ciphertext. Personal records are labeled with their appropriate attributes (for example, assignment score and examination grade).
The owner gives access to part of the data by generating specific keys that embed the policy formula and thereby determine the retrievable data segment.
Collusion resistance is a basic characteristic of all ABE systems and makes it impossible for users to fuse attributes on personal keys to fulfill a specific guideline. For example, the policy below may state that only the staff linked with PU or with the scholarship company may access the students’ current grades:
(ScholarshipCo ∨ PU) ∧ (WorldEducationService ∧ Staff)
It is impossible to combine the WES staff’s key with a professor’s key using the ScholarshipCo and Staff attributes (that is, PU attribute) or the scholarship company’s key (that is, ScholarshipCo attribute) to fulfill the requirement.
Here, the WES staff must create a trust association with the school to access PU or ScholarshipCo attributes. Users will be unable to jointly decrypt information they cannot decrypt alone since each personal key is generated with an exclusive random source.
One important advantage of attribute-based encryption is its use of expressive operators. Access guidelines may be written using AND and OR operators, and allow comparison functions.
Numeric values used for comparison functions are usually expressed as binary attributes, so that every bit needed to represent the numeric value corresponds to a non-numeric attribute. A combination of OR and AND gates is applied to create a binary tree that indicates appraisals over textual attributes (Bethencourt, Sahai, & Waters, 2007).
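The guideline logic described above, as an added example that is not part of the original proposal or of any ABE library: it models only the access tree (AND/OR gates, numeric values as per-bit attributes, one key evaluated at a time) and performs no encryption. The key contents, the `level` attribute, the attribute naming and the 4-bit width are assumptions made for illustration.

```python
# Added example: models only the access-structure logic of ABE (no cryptography).
# A policy is a nested tuple ("AND"|"OR", child, ...); a leaf is an attribute name.

def satisfies(policy, attrs):
    """True if the attribute set carried by ONE key satisfies the policy tree."""
    if policy is None:                      # comparison that can never hold
        return False
    if isinstance(policy, str):
        return policy in attrs
    gate, *children = policy
    results = [satisfies(c, attrs) for c in children]
    return all(results) if gate == "AND" else any(results)

def numeric_attrs(name, value, bits=4):
    """Key side: one binary attribute per bit of the numeric value."""
    return {f"{name}:bit{i}={(value >> i) & 1}" for i in range(bits)}

def greater_than(name, k, bits=4):
    """Policy side: AND/OR tree over bit attributes that holds iff value > k."""
    tree = None                             # comparing zero bits is always false
    for i in range(bits):                   # build from the least significant bit up
        one = f"{name}:bit{i}=1"
        if (k >> i) & 1:                    # k has 1: need a 1 here AND lower bits greater
            tree = ("AND", one, tree) if tree is not None else None
        else:                               # k has 0: a 1 here wins, else ask lower bits
            tree = ("OR", one, tree) if tree is not None else one
    return tree

def can_decrypt(policy, keys):
    """Collusion resistance: each key is checked alone; attributes are never pooled."""
    return any(satisfies(policy, attrs) for attrs in keys)

# The two sample guidelines written out in the text above.
SHARE_POLICY = ("OR", ("AND", ("OR", "Professor", "Supervisor"), "PU"),
                      ("AND", "WorldEducationService", "Staff"))
GRADES_POLICY = ("AND", ("OR", "ScholarshipCo", "PU"),
                        ("AND", "WorldEducationService", "Staff"))

# Constructed keys (attribute sets); "level" is a hypothetical numeric attribute.
professor = {"Professor", "PU"} | numeric_attrs("level", 9)
wes_staff = {"WorldEducationService", "Staff"} | numeric_attrs("level", 3)

if __name__ == "__main__":
    senior = ("AND", SHARE_POLICY, greater_than("level", 5))
    print("professor, share policy:", can_decrypt(SHARE_POLICY, [professor]))
    print("both keys, grades policy:", can_decrypt(GRADES_POLICY, [professor, wes_staff]))
    print("pooled attributes would pass:", satisfies(GRADES_POLICY, professor | wes_staff))
    print("level > 5:", satisfies(senior, professor), satisfies(senior, wes_staff))
```

In a real ABE scheme the per-key check is enforced cryptographically by the random value bound into each personal key; `can_decrypt` only mirrors that rule.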
The proposed research will be designed to respond to some problems. One of the problems that will be addressed in the research is the dependence of cloud based students’ record systems on file-sharing safety.
When students’ records are shared between departments and schools, they are usually secured using transport-level protocols only (Bethencourt, Sahai, & Waters, 2007).
Receivers of these cloud-based records derive clear textual outputs from cached and insecure forms. This poses a problem because it exposes the information to security threats.
Another problem that would be addressed in the proposed research is the fact that access control to cloud-based students’ records is strictly online. Many school systems currently need Internet access to make access decisions (Bethencourt, Sahai, & Waters, 2007).
The records cannot be reached when the database or server is unreachable, which may delay students’ communication with supervisors or external users. Furthermore, the design of cloud-based systems is provider-centric. As a result, students will have limited access to their school records only when they are online.
The problem must be addressed since academic records are always useful for students.
The insecurity of academic records is a major problem in cloud-based systems. Notwithstanding the implementation of strict regulatory measures, academic systems fail to effectively secure students’ records. Instead, schools depend on post hoc audits to identify security breaches. Using the attribute-based encryption may eliminate this deficiency.
The complicated nature of access guidelines to students’ records influences their usefulness and effective manipulation over the cloud. Academic employees encounter numerous records with various types of policies related to them.
Numerous players, including instructors, supervisors, board officers, auditors, and technicians, with different accessibility ranks manipulate students’ records. The efficiency of data manipulation depends on the effective definition of the access control medium that defines who can access specific data.
This excessively complicated, expensive, and error-prone setting urgently requires tools and computerization.
This chapter highlighted the role of attribute-based encryption for improving security and privacy in cloud computing systems.
The importance of cloud computing systems for future technological applications is obvious. Chapter one offered an overview of the privacy and security concerns related to cloud systems and the need to integrate encryption to promote security.
The next chapter will offer a comprehensive literature review on the importance of cloud computing systems for managing academic records. Consequently, the use of attribute-based encryption to enhance cloud-based systems will be analyzed.
Bethencourt, J., Sahai, A. & Waters, B. (2007). Ciphertext-policy attribute-based encryption. IEEE Computer Society, 32(3): 321-334.
Ewing, A. M. (2012). Estimating the Impact of Relative Expected Grade on Student Evaluations of Teachers. Economics of Education Review, 31(1): 141–54.
Prasad, P. S. & Ahammed, A. (2014). Attribute-Based Encryption for Scalable and Secure Sharing of Personal Health Records in Cloud Computing. International Journal of Computer Science and Information Technologies, 5(4): 5038-5040.
Stowell, J. R., Addison, W. E., & Smith, J. L. (2012). Comparison of Online and Classroom based Student Evaluations of Instruction. Assessment and Evaluation in Higher Education, 37(4): 465–73.
Tang, P. C., Ash, J. S., Bates, D. W., Overhage, J. M., & Sands, D. Z. (2006). Personal health records: Definitions, benefits, and strategies for overcoming barriers to adoption. Journal of the American Medical Informatics Association, 13(2): 121-126.
Tripathi, M., Delano, D., Lund, B., & Rudolph, L. (2009). Engaging patients for health information exchange. Health Affairs, 28(2): 435-443.
Urtel, M. G. (2008). Assessing Academic Performance between Traditional and Distance Education Course Formats. Technology and Society, 11(1): 322–30.