Article Preview
Top1. Introduction
In the digital world, exponential growth in internet users and technologies, the cloud computing (CC) is becoming a dominant technology among industry executives, academicians, and researchers. CC does not only provide on-demand computing resources (A. Abbas, 2014 and S.U. Khan et al., 2014), but also allows flexibility in data access i.e. cloud users able to access the data from anywhere from any places in the world. The majority of businesses are initiated to transform their data over the cloud for the sake of expanding business infrastructure with low budgets and upkeep (K. Alhamazani et al., 2014 & A. N. Khan, M. L. M. Kiah et al., 2014). On-demand storage service of the cloud computing is being a major challenging task for cloud service providers (CSPs). A CSP must give assurance to the cloud users that their information is secured and no one can access their data without their permission. L. Wei, H. Zhu et al., 2014 proposed a framework to ensure the security and confidentiality over individual’s data. In cloud service, the user uploads all information on the cloud without retaining the backup of the data. After uploading, a data owner loses his physical control over the data and these outsources data may be at high risk of leakage to malicious users. In the cloud fashion, the same cloud storage is shared by multiple cloud users, so individual’s information may be accessed by the illegitimate users. These illegitimate users may be either authorized or unauthorized individuals. Therefore, CSP faces extraneous difficulties in maintaining and storing the data to the cloud. To preserve the security of the data over the cloud, some CSPs allow data users to upload only encrypted data but the encryption process at the data owner side, increases the excessive burden of computation. In addition, to perform any alteration on the data, firstly it is retrieved from the cloud, decrypt it, perform the update and then re-encrypt for uploading the data again to the cloud. This complete practice required two times encryption and one time decryption process, which is a very time taking process and degrades the system performance. To overcome the above stated problem, the data owner permits CSP to perform the computation on outsourced data. In a cloud context, CSP act as a Third Party Auditor (TPA) and is regarded as a partially authentic entity. As a result, the cloud service provider's (CSP) untrustworthiness poses many security problems for enterprises, organizations, and academics. Various cryptographic techniques have been proposed by the several researchers to hide the actual meaning of the data. De-Oxyribo Nucleic Acid (DNA) based cryptography approaches have become popular in recent years. Numerous DNA cryptography methods are reported in the literature (Ashish Gehani, Thomas La Beanet al., 2000; Ashish Gehani et al., 2004; Beenish Anam, Kazi Sakib et al., 2010; Lalit Mohan Gupta et al., 2019). To enhance the protection and security over the data, researchers give the concept of access control over the data. Identity based encryption (IBE) (Boneh D et al. 2005) and Attribute based encryption (ABE) (Goyal et al., 2006) schemes are two major access control encryption schemes in which those users can only decrypt the encrypted data who satisfy their access control policy. In the scheme of D. Chen et al., 2014, the data owner performs access control, key generation, encryption, and decryption of files in a standard framework. The number of members in a group may change over time, i.e., members may be either added or removed based on their agreement policy. As a result, when information is shared among group members, a flexible cryptographic framework is required to manage this varying nature in the number of users. The approach should be capable of efficiently handling key management (A. N. Khan, M. M. Kiah et al. 2014). Existing, departing, and newly admitted group users may engage in nefarious acts in order to compromise the data security and privacy of group data (A. N. Khan, M. M. Kiah et al. 2014). Internal attacks that compromise data security can be far more damaging than external attacks. Many researchers, in most circumstances, trust internal institutions and are mainly concerned with protecting data from outside intruders. Nevertheless, with the presence of numerous members in a group, a number of data safety concerns must be addressed. In this study, we highlighted some of the major concerns raised by the participation of multiple members of a group during data sharing.