Role-based access using partial homomorphic encryption for securing cloud data

Cloud computing has encountered accelerated growth and technological advancements in recent times. However, Cloud computing is still perceived to be in its infancy and will unfold its hidden potential by augmenting its services with future technologies like Metaverse, Augmented Reality, and Virtual Reality. The demand for computing resources has also increased with the increase in the number of service users, thus, the data owners outsource their computational demands to the cloud servers configured at remote locations. Since the cloud offers multi-tenancy, the risk for unauthorized access and network attacks like Denial-of-Service attacks, and Sybil attacks, increases due to the consumption of shared resources and hypervisor exploitation. In order to protect the owner's data from unauthorized access, it needs to be encrypted before being outsourced. Conventional cryptosystems decrypt the encoded message before performing computations on the outsourced data, which increases the computational complexity of the system. Homomorphic Encryption permits the cloud service provider to perform computations on encrypted data without the need for decryption. Hence, in this paper, we introduce a layer of secure cipher gateway for user data. This work demonstrates an integrated scheme based on Partial Homomorphic Encryption and Role-Based Access Control policies to restrict unauthorized access. Data access is granted strictly as per the user-role mapping in the role-based hierarchy to ensure data integrity. The proposed model also suggests mitigation techniques for various cloud attacks. The work has been compared with its peers based on a secured communication channel for data transmission with reduced encryption and decryption time.