Identity and Access Control Techniques for Enhanced Data Communication in Cloud

: The preservation of sensitive data and prevention of unauthorized access are critical objectives in cloud computing environments, necessitating the implementation of robust security measures. The present study delves into the amalgamation of the Hierarchical Role Based Access Control Model (HR-ACM), Composikey, a composite key encryption algorithm, and Interactive Tree Based zero knowledge protocol (ITZKP) to construct a robust security framework for cloud security. This study presents an investigation into the viability and efficacy of integrating HR-ACM, Composikey, and ITZKP as a means of augmenting security measures and reducing potential hazards in cloud-based systems. The execution times comparison of the Composikey, IBPRE, and KPRE models were compared for different filesizes (1 KB to 2 GB) to evaluate the performance of the HRACM method. As roles increase, RBAC a execution time increases significantly. The HRACM Method takes 0.001 to 0.002 seconds to implement across all role counts. The results show that the HRACM Method is more efficient and time-effective than the RBAC Method. The response time measured in microseconds for the existing ZKP and Libra systems for different file sizes, ranging from 1KB to 1 GB. The results reveal that the verifier time for the ITZKP system aligns closely with the existing systems, demonstrating its ability to perform efficient verification processes. These findings collectively demonstrate the potential of the integrated security framework in enhancing cloud security.


Introduction
Cloud computing has changed how individuals and organizations manage, retrieve, and manipulate data.Cloudbased systems have made data security a major concern.Uploading data to the cloud, places it outside an organization, requiring data security to consider confidentiality, integrity, and authenticity.Cloud computing security risks necessitate proper identity and access control.In a cloud-based setting, the techniques ensure that only authorized entities can retrieve data while preserving its confidentiality, integrity, and authenticity [1].The HR-ACM role-based access control authentication model manages authorization.The system assigns roles based on job duties.User-side access control computation restricts data access to authorized parties.The sophisticated cryptographic algorithm Composikey provides high data confidentiality assurance.Proxy-based re-encryption protects data during transmission from the cloud to the client.The cryptographic ITZKP protocol secures auditing while protecting inputs and intermediate outcomes.It maintains data authenticity and confidentiality.Identity and access control are essential for cloud computing data security, confidentiality, integrity, and availability [2].The present literature review aims to investigate the efficacy of diverse techniques utilized for augmenting identity and access control in cloud computing.A literature study focuses on the examination of various access control models, namely the Hierarchical Role-Based Access Control Model (HR-ACM), Composikey Algorithm, ITZKP, Identity and Access Management Framework (IAM), and Attribute-Based Access Control Model (ABAC) [3].
The HR-ACM model is a widely adopted method for cloud computing access control.It enables system administrators to designate user's roles based on their job duties and hierarchical positions.HR-ACM is effective at controlling access to cloud resources and preventing unauthorized access, according to studies.The study by Aboalian et al. [4] proposes a hierarchical attribute-driven role-based cloud computing access control system.The authors emphasize the significance of access control and cryptography in cloud storage to assure data confidentiality.The authors argue that in large-scale cloud systems, manual assignment of roles and permissions can result in computational and online burdens for data proprietors.To address these issues, they propose a system that automatically assigns user roles based on policies applied to user and role attributes.a hierarchical attribute driven role based access control system is proposed, such that the user role assignments can be automatically constructed using policies applied on the attributes of users and roles.Wan Z et al. [5] propose hierarchical attribute-set-based encryption (HASBE) by extending ciphertext-policy attribute-set-based encryption (ASBE) with a hierarchical structure of users Bhartiya et al. [6] posed an access control framework that addresses security concerns for the sharing of electronic health record (EHR) data.The proposed framework by authors uses a Hierarchy Similarity Analyzer (HSA) to identify conflicts and rank user/ resource attribute similarity based on similarity factors.This results in justifiable subsets of matching rules and policies for sharing data between independent healthcare entities, while ensuring that only authorized users have access to controlled data.
To address cloud storage security issues, Zhou et al. [7] proposed a role-based encryption (RBE) scheme that incorporates cryptographic techniques with the role-based access control (RBAC) model.The proposed RBE scheme enforces RBAC policies for encrypted data stored in public clouds and introduces a secure hybrid cloud storage architecture based on RBE.The Composikey algorithm is a composite key encryption technique that guarantees the security of critical information while maintaining access for authorized users.Waters [8] introduced a novel method for Ciphertext-Policy Attribute Encryption (CP-ABE) that accomplishes non-interactive and concrete cryptographic assumptions in the standard model.In Proxy Re-Encryption (PRE) protocols, Ateniese et al. [9] introduced the concept of key-private re-encryption keys.They argued that previous schemes lacked this characteristic and defined a new security concept for PRE schemes that included the key-private characteristic.The authors presented the first implementation of a key-private PRE and demonstrated its security under the CPA-security extension of the Decisional Bilinear Diffie Hellman assumption and its key-privacy under the Decision Linear assumption in the standard model.Goyal V et al. [10] suggests delegation of private keys which subsumes Hierarchical Identity-Based Encryption (HIBE).
The ITZKP protocol is a novel technique for secure auditing check that allows for calculations to be carried out without disclosing any of the inputs or intermediate results.Studies have shown that ITZKP is effective in enhancing cloud security.Zhang et al. [11] proposed a definition of data privacy with zero-knowledge proof for integrity tests in cloud storage.They emphasized that the cloud server must not reveal any valuable information about the stored data and proposed an algorithm covering data confidentiality, integrity, privacy, and soundness.This research is essential for enhancing data communication in the cloud by enhancing data integrity check.Yu et al. [12] proposed a secure zero-knowledge-based client-side deduplication scheme for cloud storage in smart cities over encrypted files.The scheme accomplishes a high probability of detecting client misbehavior and protects the confidentiality of data.A key distribution scheme based on proxy re-encryption is also introduced to facilitate the delegation of decryption rights.Yang et al. [13] proposed a secure zero-knowledge based client-side deduplication scheme for cloud storage in smart cities over encrypted files.The scheme accomplishes a high probability of detecting client misbehavior and protects the confidentiality of data.A key distribution scheme based on proxy re-encryption is also introduced to facilitate delegation of decryption rights.Zero-knowledgeproofs are widely used in cryptography, cloud computing, and finance.In their recent study,Bick et al. [14] proposed distributed zero-knowledge proofs in their recent study.The protocol is designed to safeguard the knowledge of the prover, including the graph.The authors design distributed zero-knowledge proofs for the 3-coloring problem and the spanning-tree verification problem that are communication-efficient.
From the literature review, the combination and integration of the Hierarchical Role Based Access Control Model (HR-ACM), Composikey (a composite key encryption algorithm), and ITZKP within the context of developing robust and secure architectures for cloud computing environments have not been extensively studied by researchers [15,16].While each of these systems has been individually explored, their combined utilization to enhance security measures in cloud environments remains relatively unexplored.
This research paper explored the integration of the HR-ACM, Composikey (a composite key encryption algorithm), and ITZKP to develop an efficient security architecture for cloud security.The objective was to combine these systems and leverage their unique capabilities to enhance security measures in cloud computing environments.Through the adoption of a cryptographically secure algorithm for generating random component keys, the Composikey method achieved high entropy, surpassing the simplicity of a random function.The unique ITZKP was successfully employed for secure auditing checks through computation.The results of this research demonstrate the feasibility and effectiveness of combining HR-ACM, Composikey, and ITZKP to develop an efficient security architecture for cloud security.The utilization of these systems offers enhanced access control, strengthened data protection, and secure authentication, mitigating the risks associated with unauthorized access, data breaches, and identity theft in cloud environments.

Methodology
The proposed comprehensive security framework for cloud data protection is implemented and evaluated using the research methodology as a framework.In order to fully understand the state-of-the-art in cloud data security, Attribute-Based Encryption (ABE), ITZKP, and related access control models, is conducted as part of the methodology.Figure 1 shows the flow chart of the research methodology.

Design and Implementation Phase
In the design phase, we outline the blueprint for the security architecture by integrating HR-ACM, Composikey, and ITZKP.This involves defining the hierarchical access control structure using HR-ACM, establishing encryption policies with Composikey, and designing the authentication framework utilizing ITZKP.

Role Based Access Control Model (HR-ACM)
The first step is to parse the OWL Ontology, which involves reading and extracting the relevant information from the ontology file [17].This can be done using an OWL parsing library or framework.The design phase of this research focuses on systematically developing and formalizing the methodology for integrating the OWL Ontology, generating a bit pattern, assigning roles to users, authenticating users, and ensuring authentication of user actions.This phase aims to establish a comprehensive and robust design for the access control system within the cloud computing environment.Through parsing the ontology, relevant information is extracted and mapped to the bit pattern based on a defined encoding scheme.This encoding scheme assigns specific bit positions or sequences to represent classes, properties, or relationships associated with the access control system.Roles are mapped to users based on their specific privileges and responsibilities.This mapping ensures that users are granted appropriate access rights and permissions within the cloud computing environment, facilitating effective control and management of resources.Figure 2 shows the system architecture for Role Based Access Control Model.When uploading data to the cloud, the data owner creates a self-protected package with encrypted data, authorization rules, and re-encryption keys (Figure 3).Before uploading data to the cloud, the owner encrypts it with a random symmetric key.Encrypting the encryption key improves data security [18].The symmetric method AES, recognized for its robustness, is utilized as it provides a suitable level of protection.Access control relies on authorization.This model controls data access permissions.These rules create re-encryption keys.The data owner, with a generator and element identities, is responsible for this process.An identity-based scheme is employed to generate the keys for re-encryption, effectively avoiding the inclusion of extraneous attributes and minimizing storage requirements.After generating the re-encryption keys, the final user can manipulate the data.It's important to note that the user can't do anything wrong to obtain the data.This data-centric method uses data to carry all necessary components within the same service provider or intercloud scenario.The decision point and Proxy Re-Encryption (PRE) must be deployed for smooth cryptographic processes.The decision point controls the authorization model and starts the access procedure.It verifies a user's data access rights.Permission is granted or denied after rule review.Permission grants re-encryption keys.This information is subsequently passed to a trustworthy third-party entity, known as the proxy, which undertakes the process of proxy re-encryption.Subsequently, when the ultimate user intends to utilize the data, they perform decryption using their set of keys.
Importantly, the service provider cannot misbehave or access the data.The genuine user alone knows the reencryption information, assuring data integrity and security.

Interactive Tree-Based Zero Knowledge Protocol (ITZKP)
The implementation of the ITZKP for cloud data storage systems.The protocol involves three parties: the data owner, who acts as the prover, the cloud storage server, and a verifier, who is a semi-trusted third party [19].The goal is to ensure the integrity of the outsourced data without the need for periodic data integrity verification.In the ITZKP, the data owner relies on the cloud storage server to store and manage their data (Figure 5).As the data is no longer stored locally, the data owner utilizes ITZKP to check the integrity of the outsourced data.This protocol allows the data owner to verify that the cloud server is correctly storing and maintaining the data [20].Figure 4 shows the hash calculation and Hash tree used for implementation.The process begins with the data owner uploading the file to the storage cloud.The file is divided into smaller chunks, with a minimum block size of 4 kilobytes to optimize performance.In this scenario, the file is divided into eight chunks.To establish common knowledge between the verifier and the data owner, a complete tree of hashes is created for the file, represented as H15+ H13 + H14.This tree of hashes serves as the basis for verification.
The verifier generates a challenge by selecting a random nonce (R) and a tree branch.The prover, in this case, the data owner, computes the hash of the selected tree branch (S).The prover then computes (R•S%N).The verifier performs further computations by evaluating (R•S%N)^2)%N and ((R^2)%N • (S^2)%N)%N.If there is a match, the verifier updates its confidence value.
This process is repeated until the confidence value reaches the desired set value.The ITZKP algorithm ensures that the data owner can verify the integrity of their outsourced data in a secure and efficient manner, eliminating the need for periodic data integrity verification [21].Within the ITZKP algorithm, certain technical details are relevant.These include the usage of a large prime number (base) denoted as 'g' and another large prime number (modulus)denoted as 'N'.Additionally, the public key of the trusted third-party auditor (TPA) is referred to as 'KPUBTP'.Data Owner: The Data Owner initiates the protocol by uploading a file, denoted as 'data',to the storage service.The data is then subjected to a hash function, H(data), resulting inthe hash value D. Next, the Data Owner computes a secret, S, using the formula g^D mod N, where 'g' represents a large prime number (base) and 'N' represents another large primenumber (modulus).To protect the secret, it is encrypted with the public key of the Third-Party Auditor (TPA), KPUBTPA, resulting in R0.The Data Owner sends the tuple (filename, R0) to the TPA [23,24].
Third Party Auditor: The Third-Party Auditor plays a crucial role in the protocol.They generate a key pair consisting of the public key KPUBTPA and the private key KPRITPA.The public key, KPUBTPA, is published as common knowledge among all parties.The TPA receives the tuple (filename, S) from the Data Owner and decrypts R0 using the private key KPRITPA, resulting in S. The TPA then stores the filename and S in its local database forfuture reference.

Results and Analysis
The results of the experiments conducted to compare the HRACM (Hierarchical Role Based Access Control Method) with the RBAC (Role-Based Access Control) method reveal significant differences in execution time.The comparative analysis of the execution time of the HRACM Method and RBAC Method is depicted in Figure 7, considering varying role counts.The findings indicate that the HRACM approach exhibits superior performance in terms of execution time compared to the RBAC approach.This is evidenced by consistently lower time values observed for the HRACM approach across varying role counts.This suggests that the HRACM approach exhibits greater efficiency and expedites access control procedures.The observed variance in the duration of execution implies that the HRACM approach is comparatively more optimized and efficacious in administering access control in the system.The enhanced effectiveness of the HRACM technique can be attributed to its utilization of a hierarchical framework and a rolebased methodology.The HRACM approach streamlines access control procedures by arranging roles in a hierarchical structure, leading to expedited and more effective authorization processes.The RBAC approach demonstrates a significant increase in its execution time as the quantity of roles grows.The HRACM Method demonstrates a consistent and relatively short implementation time across all role counts, ranging from 0.001 to 0.002 seconds.According to the results, it can be inferred that the HRACM Method presents a higher level of efficiency and time-effectiveness in comparison to the RBAC Method.The RBAC Method experiences a noticeable decrease in performance and prolonged execution durations as the number of roles increases.In contrast, the HRACM Method ensures a uniform and optimized duration of execution, regardless of the number of roles involved.This result highlights the benefits of employing the HRACM Methodology in situations that entail a greater quantity of roles.The implementation of the HRACM Methodology can lead to expedited and optimized execution of access control procedures within organizations, resulting in enhanced operational efficiency and heightened system responsiveness.The HRACM Method's exceptional efficacy can be ascribed to its inventive configuration that integrates hierarchical role-based access control principles.
Figure 7 displays a graphical representation where the horizontal axis represents the quantity of roles, while the vertical axis indicates the duration of execution measured in seconds.The visual illustration portrays a dichotomous presentation, wherein one line signifies the HRACM approach while the other delineates the RBAC technique.Each data point depicted on the graph corresponds to a distinct count of roles and its corresponding duration of execution for each method.Upon examination of the graph, it becomes apparent that the HRACM Method consistently demonstrates reduced execution times across all role counts in comparison to the RBAC Method.The HRACM Method exhibits a consistent trajectory, suggesting a uniform range of execution time within the interval of 0.001 to 0.002 seconds.
The observation suggests that the HRACM Method demonstrates effectiveness and consistency regardless of the number of roles involved in the access control process.
On the other hand, the line representing the RBAC Method exhibits a distinct upward trend as the role count increases.The graph demonstrates that as the number of roles increases, the execution time for the RBAC Method also increases significantly.The noted escalation in the deterioration of performance highlights the probable constraints of the RBAC approach in scenarios that entail a larger quantity of roles.The visual representation of the data reinforces the findings, emphasizing the superior swiftness of the HRACM Method in terms of its execution.The HRACM Method has been shown to exhibit efficacy and flexibility in scenarios involving fluctuating role counts, as indicated by its uniform and diminished execution durations, as illustrated by the even trajectory of its graph.The graph presents a succinct and lucid depiction of the comparative analysis of the execution time between the HRACM Method and RBAC Method.The graphical depiction of the data improves comprehension of the performance disparities between the two techniques, empowering scholars, and professionals to make knowledgeable determinations about the choice of a suitable access control mechanism that aligns with their performance prerequisites.To help explain the execution time differences between HRACM, DAC, and ABAC methods, Figure 8 was created.The graph's abscissa shows roles and the ordinate shows execution time in seconds.Figure 8 compares HRACM, DAC, and ABAC execution times.Three lines represent each technique.
After scrutinizing the graph, it becomes evident that the HRACM method displays consistently reduced execution times across all role counts.The trajectory of the HRACM approach exhibits a relatively low slope, indicating a consistent and efficient pattern of execution durations.The findings underscore the HRACM method's performance superiority, as it consistently outperforms the DAC and ABAC methods in runtime.
In terms of comparison, the trajectories illustrated by the DAC and ABAC methodologies demonstrate a certain level of resemblance, indicating that their respective durations of execution are likely to be similar.Both methodologies exhibit slightly higher execution times compared to the HRACM method, indicating that they may require additional time to perform access control operations To conduct a comprehensive assessment of the HRACM approach, a comparative analysis was performed versus the extant access control mechanisms, namely DAC (Discretionary Access Control) and MAC (Mandatory Access Control).Table 1 presents a comparison and summary of the attributes of these methodologies.The tabular data depicts a juxtaposition of the attributes inherent in the DAC, MAC, and HRACM methodologies.The DAC approach confers user privileges without regard to hierarchical structures, whereas the MAC methodology prioritizes security integrity.The HRACM approach, in contrast, allocates user privileges according to a hierarchical framework.In addition, it can be noted that both the Mandatory Access Control (MAC) and the Hierarchical Role-Based Access Control Model (HRACM) are designed to provide data integrity, whereas the Discretionary Access Control (DAC) method does not offer this feature.In terms of authorization management, it is only the Hierarchical Role-Based Access Control Model (HRACM) that includes this functionality.Regarding dynamics, it can be observed that both the DAC and MAC methods lack dynamic access control, whereas the HRACM method presents a degree of partial dynamic control.Finally, with regards to flexibility, it can be observed that both the HRACM and MAC techniques demonstrate flexibility, while the DAC approach lacks this characteristic.The analysis comparing the execution times of HRACM, DAC, and MAC techniques, as presented in Table 2, indicates that the HRACM approach exhibits superior performance compared to the other two methods across multiple model characteristics.The HRACM approach exhibits greater dynamism and flexibility as compared to the DAC and MAC techniques, owing to its provision of additional features.This suggests that HRACM has the capacity to streamline and enhance access control procedures in a more efficient manner.
In addition to evaluating the performance of the HRACM method, the execution times of the Composikey, IBPRE, and KPRE models were compared for different file sizes.This comparison aimed to assess the efficiency of these encryption algorithms in terms of execution time while ensuring the security of critical information and maintaining access for authorized users.The execution times were measured for file sizes ranging from 1 KB to 2 GB.Table 2 presents the execution times for the IBPRE, KPRE, and Composikey models across various file sizes.To facilitate a visual comparison of the execution times for all three methods, a bar graph was generated (Figure 9).The graph in Figure 9 provides a clear visual representation of the execution time comparison among the Composikey, IBPRE, and KPRE models for various file sizes.The x-axis represents the file sizes, while the y-axis represents the execution time in seconds.Analyzing the graph, it can be observed that the Composikey method consistently exhibits lower execution times compared to the IBPRE and KPRE models for all file sizes.This finding highlights the advantage of the Composikey method in terms of efficiency and execution speed, indicating its potential for delivering faster encryption operations.Furthermore, the graph demonstrates that the execution times for the IBPRE and KPRE models are nearly identical across all file sizes.This suggests that these two methods offer similar performance characteristics in terms of execution time.The results emphasize the superiority of the Composikey method in terms of execution time.Its consistently lower execution times across different file sizes make it an attractive choice for securing critical information while minimizing processing time.Overall, the comparison of execution times among the Composikey, IBPRE, and KPRE models reveals the efficiency and effectiveness of the Composikey method in achieving faster encryption operations.The graph in Figure 10 serves as a visual representation of the performance differences among the three methods, further supporting the findings.
In addition to the execution time comparison, the vulnerability of the algorithms to various types of attacks was evaluated.Table 3 presents a comparison of the DES, IBPRE, and Composikey algorithms concerning their vulnerability to different types of attacks.It is observed that the IBPRE algorithm is resistant to known-plaintext attacks, while the DES algorithm and Composikey algorithm are not susceptible to such attacks.The DES algorithm is vulnerable to chosen-plaintext and ciphertext-only attacks, whereas the IBPRE algorithm is not susceptible to these attacks.Remarkably, the Composikey algorithm is not susceptible to any of the analysed attacks.The ITZKP was successfully implemented for secure auditing checks by calculation, ensuring the confidentiality and integrity of the data without disclosing any inputs or intermediate results.The file was divided into 8 chunks, each with its own hash concatenated with the hashes of its immediate children, providing a secure and efficient data organization.To evaluate the performance of the proposed ITZKP system, three attributes were considered for comparison: challenge time, response time, and verifier time.These attributes were compared with those of two existing systems, ZKP and Libra, under the same testing conditions for different file sizes ranging from 1 KB to 1 GB.The objective was to assess the efficiency and effectiveness of the proposed ITZKP system in comparison to the existing systems.
Figure 10(a) presents the results of the challenge time in milliseconds.The bar chart clearly demonstrates that the proposed ITZKP system requires less time compared to the existing ZKP and Libra systems.This indicates that the ITZKP system offers improved efficiency and faster processing time for handling challenges, ensuring quick and reliable verification processes.Figure 10(b) illustrates the response time measured in microseconds for the existing ZKP and Libra systems for different file sizes, ranging from 1 KB to 1 GB.The ITZKP system was used to verify the prover's response.The graph shows that the response time for the ITZKP system is comparable to the existing systems, indicating its effectiveness in generating timely responses without compromising security.The verifier time, as shown in Figure 10(c), is another critical aspect of the auditing process.The graph displays the time taken by the verifier in verifying the authenticity of the data.The results reveal that the verifier time for the ITZKP system aligns closely with the existing systems, demonstrating its ability to perform efficient verification processes.
A simulation study is done for the OPAW distribution to assess the estimators performance.The Average Estimates (AEs), Absolute Biases (ABs), and Mean Square Errors (MSEs) of the MLEs are calculated from 1,000 samples for some scenarios reported in Tables 1, 2 and 3, respectively.These findings indicate that the AEs tend to the true values, and the ABs and MSEs decay when n increases, which ensures that the MLEs of the OPAW parameters are consistent.
Additionally, the ITZKP system was subjected to testing to evaluate its resilience against potential attacks.Table 4 showcases the number of iterations carried out by the algorithm under different chances of attacks.The results indicate that the number of iterations increases as the chances of attack escalate, highlighting the system's ability to adapt and strengthen its security measures in response to potential threats.Table 4 shows the relationship between attack probability and ITZKP system iterations.To protect against attacks, the system iterates more.The analysis and comparison of the ITZKP system with existing systems shows its efficiency and effectiveness in secure auditing checks.ITZKP outperforms ZKP and Libra in challenge, response, and verifier times.Its adaptability and resilience make it reliable in data integrity and confidentiality.A) Performance analysis In this section, multiple users access the system in an Ethernet LAN with 100Mbps network speed to evaluate its performance.Uploading is 3.61Mbps and downloading is 2.87Mbps.The evaluation device has a 32-bit operating system and a 2.27GHz x64-based Intel i3 processor.Performance analysis evaluates the system's responsiveness, efficiency, and ability to handle multiple user requests.To assess the system's performance, experiments are conducted in a controlled network environment.Response time, throughput, and resource utilization are assessed.The system's response time is measured.Throughput measures the system's data processing speed.Resource utilization assesses CPU and memory usage.The data in Table 5 shows that the system performs well in the network environment.User requests are processed quickly because the response time is acceptable.Throughput measurements show that the system can handle the specified downloading and uploading speeds, allowing users to transfer data smoothly.The system optimally uses hardware resources, ensuring performance without resource bottlenecks.Strong key sharing and authentication secure cloud storage provider-user communication.These processes verify user identities and exchange cryptographic keys to limit system access to authorized users.Identity-Based Key Exposure Resilient Auditing secures systems.This auditing scheme protects data integrity and authenticity.Identity-based auditing prevents data tampering and access.These safeguard cloud storage.Encryption, strong key sharing and authentication, and Identity-Based Key Exposure Resilient Auditing safeguard data.

Discussion
This research has yielded significant findings regarding the improvement of security measures in cloud computing settings by implementing innovative approaches such as HR-ACM, Composikey, and ITZKP.Nonetheless, there exist various potential areas for future research that can propel the domain of cloud security to greater heights.An area of potential future investigation pertains to the concept of scalability.The assessment of scalability of proposed methodologies is crucial considering the increasing size and complexity of cloud environments.Subsequent inquiry may encompass the evaluation of the efficacy and effectiveness of HR-ACM, Composikey, and ITZKP methodologies in the context of cloud infrastructures that are progressively more extensive.They would yield significant perspectives on their capacity to manage an increased quantity of data and user inquiries, guaranteeing the efficacy and efficiency of security protocols in cloud environments that are subject to change.
An additional area that warrants investigation in the future pertains to the resilience of the suggested methodologies in the face of sophisticated forms of attacks.The evaluation of the resilience of HR-ACM, Composikey, and ITZKP against advanced intrusion attempts or newly emerging cryptographic vulnerabilities is of utmost importance in light of the evolving nature of security threats.It is possible to perform thorough examinations and computer-based models to detect possible vulnerabilities and develop strategies to reduce the impact of these emerging hazards.This approach can improve the overall security stance of cloud computing systems.The validation of the practical applicability and effectiveness of the proposed techniques requires an important subsequent step, which is the deployment in realworld scenarios [24].Undertaking comprehensive experimentation and performance assessments across a range of cloud computing environments would yield valuable insights into their practical feasibility and efficacy.Through the experimentation of methodologies across diverse scenarios and datasets, scholars can acquire a comprehensive comprehension of their efficacy and pinpoint any pragmatic obstacles that necessitate resolution.

Conclusions
This study evaluates various cloud computing security methods.HR-ACM, Composikey, and ITZKP have improved data security, access management, and authenticity.HR-ACM's strong security framework efficiently allocates user roles, verifies their actions, and restricts unauthorized cloud resource access.Composikey, a composite key encryption algorithm, has increased data security while maintaining access for authorized users.ITZKP's computationbased secure auditing checks have protected inputs and intermediate outcomes, ensuring data privacy throughout the process.Our experiments and performance evaluations proved the methodologies' efficacy and efficiency.The HR-ACM approach outperforms conventional RBAC frameworks in execution time and scalability.The Composikey encryption algorithm protects cloud data by outperforming previous methods.The ITZKP protocol also securely authenticates data integrity while protecting confidential data.The findings of this study contribute to the body of knowledge in cloud security and provide valuable insights for practitioners and researchers aiming to develop efficient and robust security architectures for cloud computing environments.
Our comparative analysis suggests the proposed methodologies improve security, performance, and privacy.HR-ACM provides precise access control and efficient user rolemanagement.The Composikey algorithm protects sensitive data, while the ITZKP protocol conducts audit checks securely and privately.
However, more research and improvement are possible.Next research may examine the scalability of the suggested methods in more complex and large-scale cloud environments.Their ability to withstand sophisticated attacks and implementation in real-world scenarios would reveal their practicality.Incorporating emerging technologies like machine learning and blockchain could improve security, while addressing privacy concerns would ensure responsible data management.To conclude, HR-ACM, Composikey, and ITZKP work well together to build resilient and secure cloud computing frameworks.Our study shows that technology can solve major security issues and provide a solid foundation for cloud-based solutions.These methods and further research can create a secure, private cloud computing environment.This can boost user trust and cloud technology adoption.

Future scope
There is potential for further investigation into the amalgamation of the suggested methodologies with nascent technologies such as machine learning, blockchain, or edge computing.The exploration of the potential synergies and advantages arising from the integration of these technologies can make a valuable contribution to the advancement of more resilient and effective security frameworks for cloud-based settings.Through the utilization of nascent technologies, scholars can effectively tackle distinct security hurdles and augment the comprehensive security and confidentiality facets of cloud computing systems.
Finally, the preservation of privacy in the context of cloud computing is a topic that requires additional research.The research paper primarily cantered on the topics of data protection and access control.However, there is potential for future work to explore additional techniques that prioritize the preservation of user privacy, facilitate secure data sharing, and adhere to the ever-changing landscape of privacy regulations.The implementation of robust security measures and prioritization of user privacy in cloud architectures would foster trust among users and facilitate responsible data handling practices.

Figure 2 .
Figure 2. Design phase for Role Based Access Control Model

Figure 3 .
Figure 3. System architecture for Role Based Access Control Model[18]

Figure 5 .
Figure 5. Design phase for Interactive Tree-Based Zero Knowledge Protocol (ITZKP)

Figure 7 .
Figure 7. Execution Time Comparison between HRACM Method and RBAC MethodTo prove its efficacy and superiority, the execution time of the HRACM (Hierarchical Role-Based Access Control Model) approach was compared to DAC and ABAC.The comparative analysis assessed access control techniques' execution duration efficiency and efficacy.The research involved 64 role tallies and their efficacy times.The results indicate that the three methodologies differ in implementation length.HRACM had a significantly lower execution time than DAC and ABAC.

Figure 8 .
Figure 8. Execution Time Comparison between HRACM Method and RBAC Method

Figure 9 .
Figure 9. Execution Time Comparison among Composikey, IBPRE, and KPRE Models for Different File Sizes

Figure 10 .
Figure 10.Comparison of Challenge Time, Verifier Time and Response Time

Table 1 .
Comparison with Existing model

Table 2 .
Execution Time for different file sizes

Table 3 .
Types of Attacks and Comparison of Algorithms

Table 4 .
Number of Iterations for Different Chances of Attack

Table 5 .
Time analysis Security Module The security module enhances CSP and user security.Encryption, strong key sharing, and authentication safeguard data.Identity-Based Key Exposure Resilient Auditing secures the proposed cloud storage system.System security is enhanced by robust auditing mechanisms that resist key exposure risks.Only authorized users can decrypt sensitive cloud storage data.Encryption algorithms protect data.