IJDATICS_CICET22_Volume11_Issue2.pdf

i Preface Welcome to the Volume 11 Number 2 of the International Journal of Design, Analysis and Tools for Integrated Circuits and Systems (IJDATICS). This volume is comprised of selected research papers from the International Conference on Recent Advancements in Computing in Artificial Intelligenc e, Internet of Things and Computer Engineering Technology (CICET), October 24 - 26, 2022, Taipei, Taiwan. CICET 2022 is hosted by The Tamkang University amid pleasant surroundings in Taipei, which is a delightful city for the conference and traveling around. CICET 2022 serves a communication platform for researchers and practitioners both from academia and industry in the areas of Computing in Artificial Intelligence (AI), Internet of Things (IoT), Integrated Circuits and Systems and Computer Engineering Te chnology. The main target of CICET 2022 is to bring together software/hardware engineering researchers, computer scientists, practitioners and people from industry and business to exchange theories, ideas, techniques and experiences related to all aspects of CICET. Recent progress in Deep Learning (DL) has unleashed some of the promises of AI, moving it from the realm of toy applications to a powerful tool that can be leveraged across a wide number of industries. In recognition of this, CICET 2022 has selec ted Artificial AI and Machine Learning (ML) as this year’s central theme. The Program Committee of CICET 2022 consists of more than 150 experts in the related fields of CICET both from academia and industry. CICET 2022 is organized by The Tamkang Universi ty, Taipei, Taiwan, and co - organized by AI University Research Centre (AI - URC) and Research Institute of Big Data Analytics (RIBDA), Xi’an Jiaotong - Liverpool University, China as well as supporting by: Swinburne University of Technology Sarawak Campus, Mal aysia; Taiwanese Association for Artificial Intelligence, Taiwan; Trcuteco, Belgium; International Journal of Design, Analysis and Tools for Integrated Circuits and Systems, International DATICS Research Group. The CICET 2022 Technical Program includes 1 i nvited speaker and 30 oral presentations. We are beholden to all of the authors and speakers for their contributions to CICET 2022. On behalf of the program committee, we would like to welcome the delegates and their guests to CICET 2022. We hope that the delegates and guests will enjoy the conference. Professor Ka Lok Man, Xi’an Jiaotong - Liverpool University, China Professor Young B. Park, Dankook University, Korea Chairs of CICET 2022 ii Table of Contents Vol. 11, N o. 2 , December 2022 _____________________________________________________________________________________ Preface ................................................................................................. i Table of Contents ................................................................................... ii _____________________________________________________________________ ________________ 1. Shawn Ang, Law Kim Young, Zhi Qi, Zahid Akhtar, Kamran Siddique, Ka Lok Man and Jie Zhang , Attribute Based Encryption in Cloud Computing , Xiamen University Malaysia, Malaysia 1 2 Rou Lee, Zhi Qi, Zahid Akhtar, Kamran Siddique, Ka Lok Man and Jie Zhang , Automation in Cloud Migration: An Effective Study , Xiamen University Malaysia, Malaysia 7 3 Abubakar Ya’u Muhammad, Bashir D. Bala, Shamsuddeen Yusuf and Najib Hamisu Umar , A Compact - Size and Geometrically Simple Dual band Antenna for ISM and WLAN Application , KUST Wudil , Nigeria 1 3 4 S. Usman, I. Abdullahi, K. G. Ibrahim, N. I. Yusuf, H. B. Yusuf and B. G. Agaie , Multiple Linear Regression Using Cholesky Decomposition i n Studying Crime Rate i n Jigawa State, Nigeria , Federal University Dutse , Nigeria 1 7 5 Yuechun Wang, Ka Lok Man, Danny Hughes and Jie Zhan g , Design and Development of Trusted Real - Time Execution Environment , Xi’an Jiaotong - Liverpool University, China 22 6. Ailyn Kency Lam Cham Kee, Yuechun Wang, Yuxuan Zhao, Jie Zhang, Erick Purwanto, Tomas Krilavicius and Ka Lok Man , Machine Learning in Healt hcare: the Prediction of Diabetes Risk by ML Classification Models , Vytautas Magnus University, Kaunas, Lithuania 2 5 7. Syu - Jhih Jhang, Chih - Yung Chang, Shih - Jung Wu and Chia - Ling Ho , BUAS: Joint Bottom - Up Article Selection for Quick Article Similarity I dentification Based on NLP , Tamkang University, Taiwan 3 3 8. Yuan - Lin Liang, Chih - Yung Chang and Kuo - Chung Yu , CE - SQL: A Single - Table Chinese Text - to - SQL generation with BERT - Based Slot Filling Method , Tamkang University, Taiwan 37 9. Chien - Chang Chen, Cheng - Shian Lin, Yen - Ting Chen, Wen - Her Chen, Chien - Hua Chen, and I - Cheng Chen , Player Pair Evaluation in Rowing , Tamkang University, Taiwan 4 1 10. Sunusi Bala Abdullahi, Zakariyya Abdullahi Bature, Auwal Muhammad , Multimodal Biometric Recognition N etwork Base on Spatial - temporal Fingerprint and Finger Vein (STMFPFV - Net) Features , King Mongkut’s University of Technology Thonburi , T hailand 43 INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 1 Attribute Based Encryption in Cloud Computing Shawn Ang 1 , Law Kim Young 1 , Zhi Qi 1 , Zahid Akhtar 2 , Kamran Siddique 1,* , Ka Lok Man 3 , Jie Zhang 3 Abstract — Cloud computing is a computing paradigm that provides various services and computing resources to users through Cloud Service Providers over the Internet. However, storing data in an unsecure cloud may lead to security issues such as privacy issues and data leakage. Therefore, it is necessary for encryption schemes t o be implemented in clouds to provide a secure environment for the users. One of the cryptographic schemes is the Attribute Based Encryption (ABE) , which provides privacy and access control in cloud and can be implemented in a Trusted Real - Time Execution E nvironment to achieve stronger security This paper first outlines the various existing encryption techniques, which can be categorized into symmetric and asymmetric algorithms. It then comprehensively explore the key policy and the access policy attribu te based encryption. Furthermore, this paper examines the various schemes of ABE and compares the schemes based on its access structure, advantages and disadvantages. L astly, this paper discuss es the application s of key policy and ciphertext policy ABE. In dex Terms — Cloud, Encryption techniques, Attribute Based Encryption, Key - Policy Attribute Based Encryption, Ciphertext - Policy Based Encryption. I. INTRODUCTION There are tons of advantages and benefits provided by cloud computing, among them are less maintenance, scalability, cost saving, accessible wherever etc. Despite with the huge benefits provided by cloud computing, there are still a number of organizations and companies are still showing hesitation to move into cloud computing, specifically stor ing big data in it mostly because there are still some security and privacy issues regarding cloud [1]. The main functionality of cloud would be storing and managing data from any part of the world regardless for the user’s location and device. Big data is also stored in it at the same time for managing and analyzing purposes. Big data processing and analyzing is proven to be pretty simple because cloud providers often support those requirements. Nevertheless, the issue lies within cloud is access control a s well as data privacy as keeping one’s data in cloud would mean that their data would be stored in a Cloud Service Provider (CSP) whom may not be that trustworthy as they are part of a third party [1]. This is because cloud service provider will have more or less direct contact to personal data that are resided in the cloud facilities and may disclose and share it with prohibited users for profit. To make sure the information stored is secure, the data stored in cloud facilities should always be encrypted before storing into the cloud. Despite that, those data are still accessible to all users , therefore, the data access should also be implemented here and should be restricted and classified according to features such as user’s positions and rights in the hierarchy of the company. Thus, this concludes that there will be two main things to consi der when storing information and data into cloud which are privacy of data and user access control. In the first part, some of the basic and traditional encryption techniques are introduced such as symmetric and asymmetric key encryption cryptographic and elaborated to give a general idea of what cryptography is. The later part of the paper will focus more on Attribute Based Encryption which is a subset of asymmetric key encryption. II. RELA T ED W OR K Symmetric Key Algorithm. It is one of the most fundamental techniques used in crypto community. It utilizes the similar key for both encryption and decryption of information. Further explanation is conducted in the later part of this paper. Asymmetric Key Algorithm. Asymmetric is the improvised version of symmetric key algorithm. It however uses two keys which is not similar for both encryption and decryption of information. More of it is elaborated in the later part of the paper. Key Policy Attribute Based Encryption (KPABE). It is a further modification of the asymmetric key algorithm itself. It provides further security aspects to the encryption of data itself. Further information regarding the method is given on the following part of the paper. Cipherte xt Policy Attribute Based Encryption (CPABE). It is an improvised version of KPABE except that the encryptor has control over the data he/she encrypted [5] III. ENCRYPTION TECHNIQUES A. SYMMETRIC KEY ALGORITHMS Symmetric key algorithm is an encryption technique that requires only a single key to perform both encryption and decryption. The secret key can be anything ranging from a number, word, or even a random string. This secret key is used to encrypt and decrypt the data, rendering it unreadable to those who do not have the secret key. Sender and receiver must exchange the secret key to be used in the decryption process. There are two types symmetric key algorithms, which is categorized into the block ciphers and stream ciphers. In block Manuscript received S e pt. 27 , 202 2 1 Department o f Information and Communication Technology, Xiamen University Malaysia, Sepang 43900, Malaysia 2 Department of Network and Computer Security, State University of New York Polytechnic Institute, Utica, 13502, USA 3 School of Advanced Technology, Xi’an Jiaotong - Liverpool University, Suzhou, 215123, China. *Corresponding author (email: kamran.siddique@xmu.edu.my ). INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 2 ciphers, a key of predet ermined length is applied to a fixed size plaintext block and outputs a block of ciphertext of the same length as the plaintext block. In stream ciphers, one bit is encrypted at a time with the corresponding keystream to obtain the ciphertext stream. Some of the common symmetric key algorithms are the Advanced Encryption Standard (AES), Blowfish algorithm, and Data Encryption Standard (DES). 1) AD VANCED ENCRYPTION STANDARD Advanced Encryption Standard (AES) is one of the symmetric block cipher encryption algor ithms. The National Institute of Standards and Technology (NIST) first introduced AES when there was a need replacement for the Data Encryption Standard that started becoming more vulnerable. In the AES encryption, there are three block ciphers, which is t he AES - 128, AES - 192, and the AES - 256. Data is encrypted and decrypted in blocks of 128 - bits, but with three different cryptographic keys: 128 - bits, 192 - bits, and 256 - bits. The ciphertext is acquired by processing the plaintext through rounds of steps that includes table substitution, transposition of data rows, and mixing of columns of the plaintext. The 128 - bit keys consist of 10 rounds, whereas the 192 - bits consists of 12 rounds, and 14 rounds for the 256 - bits. 2) DATA ENCRYPTION STANDARD Data Encryption St andard (DES) is a symmetric block cipher introduced by NIST. DES algorithm applies the concept of Feistel Cipher, which is a multi - round cipher. It takes an input of plaintext block with 64 - bit and process it through the 16 round Fiestel structure to produ ce a 64 - bit ciphertext. A 56 - bit secret key is used in both the encryption and decryption process. The encryption process consists of two permutation boxes, known as the initial and final permutations, with the 16 Fiestel rounds. The DES algorithm applies a different 48 - bit key in each round which is generated from the key generation algorithm [10] B. ASYMMETRIC KEY ALGORITHMS Asymmetric key cryptosystem uses a different concept compared to symmetric cryptography that utilizes the similar key for the process of encryption and decryption. In asymmetric cryptography, non - identical keys are utilized for encryption and decryption re spectively. For this case of algorithm, each receiver will own a decryption key on its own, which will be known as his private key. As for his public key, it will function as an encryption key. Typically, this type of cryptography system will require a tru sted third party which will declare formally that a particular public key is the property of a certain entity only. 1) DIFFIE - HELLMAN KEY EXCHANGE I t was one of the first public - key protocols that was initially proposed by Ralph Merkie but was named after Whi tfield Diffie and Martin Hellman. It is a technique to exchange cryptographic keys securely . The transfer is done over a public channel. It is used during the early days of cryptography for public key exchange. With this protocol, a sender and the respecti ve receiver can develop a common secret key over a channel that is not secure Th e case even applied to that both sender and receiver have no prior knowledge of each other. The key created can later be utilized in the encrypt ion of the upcoming communicati ons. The process starts with the two entities agrees on a random starting color that can be known publicly. For this case , the color blue is chosen. Each individual will also pick a unrevealed color that only themselves know For instance , yellow and green . The important part is that Alice and Bob will combine the mutually shared color with their respective secret colors, which will produce a result of green and cyan mixture. They will proceed to interchange the colors publicly. Lastly, they will then mix t he exchanged color with private color of theirs and produce a result mixture of light - cyan which is identical for both of the entity. Even if a n attacker eavesdrops on the very exchange, he will only obtain the publicly known color which is blue and the pu blicly exchanged mixture It is computationally impossible for the eavesdropper to discover the end color. The action would be computationally expensive and proven impossible to be accomplished within a time limit that is logical. 2) RSA CRYPTOSYSTEM It was named after three cryptographers who first invented it, which are Ron Rivest, Adi Shamir and Len Adl eman. It is one of the first and oldest asymmetric cryptosystem ever founded and yet remained one of the most employed and used cryptosystem up till now. Two keys are present in the process of encryption and decryption are known as the public key and the p rivate key. Th is key will function as the element to encrypt messages and data. This key is known by everyone. With the encrypted message, the receiver can only decrypt the particular message using only the private key. This asymmetry cryptography is found ed on the basis of intensity of the factorization of the product of two big prime numbers. As for process of verification, the server handling the transfer of data will implement the authentication of key . This process takes place with the signing the mess age together along with the private key . This would be also known as digital signature. Th is digital signature is later passed back to the client. The client will then verify it when comparing it to the server’s known public key. IV. ATTRIBUTE BASED ENCRYPTION For this segment, the fundamental concept of Attribute Based Encryption (ABE) and its algorithm will be discussed. It was first proposed by Sahai et.al [1]. It uses one to many algorithms for the reason of protecting information stored in cloud. For this particular encryption, the information and data is encrypted with a particular set of attributes as its base. Three of the main elements involved are Data Owner, Data User and Authority. First, the authority will produce a key which is public, and it is se nt to owner of the data for the purpose of encryption. At the same time, it will also generate a master secret key. Then this key is utilized to produce user’s secret key based on its attributes. Data are encrypted using the public key together with INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 3 the at tributes of it by the Data Owner and the data will be proceeded to be kept in cloud. To decrypted then access the information, Data User will have to possess the private key from the authority. The whole decryption process is only possible when at least d components of the attribute in the data matches the components in the secret key. In cases of adding new users to the current system, a new secret key with different attribute will be generated again by the authority. In Fig. 1, ABE scheme’s architecture i s displayed. ABE is generally distributed into Key Policy Attribute Based Encryption (KPABE) and Ciphertext Policy Attribute Based Encryption (CPABE). Fig. 1 ABE scheme’s architecture A. KEY POLICY ATTRIBUTE BASED ENCRYPTION For this section, a few different KPABE schemes will be discussed and elaborated. In 2006, KPABE, a cryptosystem for sharing of encrypted data was introduced by Goyal et al [2] For this encryption method, a set of attributes are embedded with the ciphert ext when formed and the user key comes with policy such as access structure. The message is only able to be decrypted when the access structure is fulfilled by the user attributes. For KPABE scheme, it is specified by four algorithms as stated below. Setup : A security parameter is taken as an input during the setup algorithm. A public parameter PK and a master key MSK is outputted. All these elements are only known to the private key generator (PKG). A description of session key space K is included in the p ublic parameters. Encryption: A message M , a set of attributes a and the public parameters PK are taken as input and ciphertext c is outputted. Key Generation: For this process, the master key msk , public parameters PK and an access structure A is taken as input and a decryption key D A is produced. Decryption: This algorithm will take ciphertext c which has been encrypted as input. Output will be the message M if a is a part of the access control structure. For this particular part, KPABE uses a tree - based access structure. The leaf nodes represent the attributes and the non - leaf nodes are threshold gates. They are represented in the form of [x,y] where x will represent the threshold value and number of attributes is represented by y. OR gate is r epresented by the threshold [1,y] while AND gate is seen as [y,y]. Only when user satisfied the root node, user will be able to decrypt and retrieve the data otherwise the data is impossible for decryption. In Fig.2 X1, X2 and X3 are taken as attributes an d the access policy X1 AND (X2 OR X3) of the threshold gate tree structure are displayed. The attributes among X2 or X3 are displayed as [1,2] and it represent the OR gate while AND gate is represented as [2,2]. Fig. 2 The threshold gate tree structure For the mentioned KPABE schemes, all of them are using monotonic access structure. It means that negative attribute does not exist in the access policy. However, a non - monotonic access structure is introduced by Ostrovsky et al. [3] That structure has included both positive as well as negative attributes which is NOT is supported between attributes. Fig.3 is displayed as a mind map for the basic concept of a non - monotonic access structure. In that figure, X1, X2 and X3 repres ent the attributes of tree structure which is non - monotonic for access policy X 1 AND X2 NOT X3. Fig. 3 The mind map for a nonmonotonic access structure B. CIPHERTEXT POLICY ATTRIBUTE BASED ENCRYPTION The Attribute Based Encryption was refined by Goyal, Pandey, Sahai, and Waters in their following works. They INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 4 formulated two supplementary forms of ABE, which is the Key - Policy ABE and the Ciphertext - Policy ABE [8]. The KPABE has been discussed in the prev ious section of this paper. In this section, the CPABE will be discussed along with a few of its different schemes The first CPABE scheme was introduced by Bethencourt et al., where the ciphertext is linked with access structures and the users’ private key s with attributes. A CPABE scheme mainly consists of four algorithms: Setup, Encrypt, Key Generation, and Decrypt. A fifth algorithm called Delegate can also be added to the scheme. Setup : The setup algorithm takes the input of the security parameter and outputs the public parameters, Public Key (PK) and Master Secret Key (MK). Encrypt : The encryption algorithm takes the PK and an access structure, to encrypt a message . A ciphertext is then produced from the encryption such that only the person with the r equired attributes and access structure can perform the decryption. Key Generation : The key generation algorithm generates the secret keys , by using the MK and a set of attributes associated with the key as input. Decrypt : The decryption algorithm decry pts the ciphertext, which contains the access policy using the private key for a set of attributes. The algorithm decrypts the ciphertext back to the original message when the set of attributes complements the access structure. Delegate : Delegation takes the secret key for a set of attributes as input and outputs a new key for the set of attributes [7][9] The work of Bethencourt et al. [7] was then improved by Cheung et al. in terms of its security proof. It was proved to be secure under the Decisional B ilinear Diffie - Hellman (DBDH) assumption during its first computation. The access structure consists of the AND gate positive and negative attributes, which uses the don’t care condition to identify attributes that are not in the AND gate. However, the cip hertext and key size with the number of attributes using this scheme. Goyal et al. [7] later introduced an improved scheme which uses the bounded access tree with its security proved under DBDH assumption. But, user might be forced to use an access tree wi th a lower depth compared to the needed depth as it has to be specified in the setup stage. The schemes above generated ciphertext with sizes that were increasing linearly to its number of attributes. In the recent years, Li et al. [7] introduced an improv ed version of the CPABE by implementing a new access structure using Ordered Binary Decision Diagram (OBDD). This scheme is a non - monotonic access structure, which supports AND, OR, as well as NOT among the attributes. The input consists of Boolean variabl e, X 1 , X 2 , ..., X n , where each variable represents an attribute. The leaf node value of the tree determines the access, with the traversal starting from the root node down to the leaf node according to value of the attribute. The subtrees then test for anoth er attribute, and each will have two more subtrees, until the leaf node is reached. Fig 4 shows the representation of access policy X1 V X2 using binary decision and Fig 5 shows its reduced version. The access tree can be reduced using two ways, which is to identify and omitting redundant variables or to identify identical subtrees and letting them share. Fig. 4 Access policy X1 V X2 using binary decision Fig. 5. Reduced Version of Fig. 4 V. COMPARSION Comparison between all of the ABE schemes mentioned above will be compared in terms of their access structure, advantages and disadvantages. 1) Scheme: Sahai et al. [1] The access structure of this particular scheme is monotonic. It is categorized under KPAB E. The advantages of it compared to the other scheme is that it has fine - grained access control and the fact that is it uses a one to many cryptographic public key encryptions. The disadvantages of it would be the computational value for the particular sch eme is very high and the threshold value it uses is not quite expressive. 2) Scheme: Goyal et al. [2] The access structure for this scheme is monotonic too. The scheme proposed by Goyal is also categorized under Key Policy Attribute Based Encryption. The adv antages that come with it is that the user private key is defined on the tree access structure. The computational complexity is greatly improved compared to Sahai’s scheme. However, the disadvantage here would be that the scheme itself does not allow negat ive constraints. 3) Scheme: Ostrovsky et al. [3] INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 5 This scheme uses non - monotonic access structure and is also categorized under KPABE. Advantages of it includes access structure of the scheme includes negative attribute. But due the fact, the disadvantages tha t comes along it is that it would display more computational overhead. 4) Scheme: Bethencourt et al. [7] This scheme is using the same monotonic access structure. However, it is categorized under Ciphertext Policy Attribute Based Encryption. The advantages in clude that better performance on access structure defined messages. The disadvantage is that compared to the other model, the security of this scheme is proven to be under them. 5) Scheme: Goyal et al. [7] This scheme uses a monotonic access structure and is one of the Ciphertext Policy Attribute Base Encryption. The advantage of using this scheme is that it uses bounded tree access which supports various access formulas. But, its access tree depth is bounded and must be specified in the setup phase. 6) Scheme: Li et al. [7] This Ciphertext Policy Attribute Based Encryption scheme introduced a non - monotonic access structure. Its advantage includes improving the efficiency and performance as it uses the ordered binary decision access structure. How ever, this scheme does not support revocation. VI. APPLICATION OF ABE In this section, the application of the two proposed complementary ABE, KPABE and CPABE [7] are discussed. A. KPABE The encryption of data in KPABE takes a set of descriptive attributes and a secret key associated with access structure as input, making it suitable for the following application: 1) FORENSIC APPLICATION Information and evidence stored is associated with a set of descriptive attributes, such as ID, date and time, name, and a short description. The information can only be accessed by an analyst. 2) NETWORK AUDIT LOG APPLICATION The attributes associated with the log stored in network audit includes IP address, username, date and time, etc. An authorised admin can retrieve the need ed records based on the requirement. In both of the applications, the encryption is done based on descriptive attributes. KPABE is unsuitable for applications where the owner needs to have some control over the data. B. CPABE Encryption of data in CPABE inclu des access structures and a secret key associated with a set of attributes. Some of the application of CPABE include: 1) COLLABORATIVE PROJECT DEVELOPMENT CPABE allows only individuals involved in the project to gain access to the data. 2) VIDEO SURVEILLANCE SYS TEM Due to privacy issues, access to the video data has to be restricted only to authorised personnel such as the security officer, or the supervisor. 3) DATA ACCESS IN ORGANIZATION The organization needs to limit the access of certain data so that only auth orised people or the higher - ups can view it. For instance, an employee from a department can only view data from their department but is restricted from other data. However, a manager may be able to view data from all departments. 4) UNIVERSITY ACADEMIC AFFAI R MANAGEMENT Contents shared within a course can only be accessed by students that have enrolled in that particular course. After the end of the course, the students will be restricted from accessing those materials using the delegation algorithm of CPABE. CPABE is not suitable for applications that require scalability as it does not support scalability. VII. CO NCLUSIONS Cloud computing has undoubt ed ly engraved itself in a part of the digital world nowadays. A lot of information and data is being stored an d processes using cloud facilities and the services they provide [6]. Without cloud, many organizations and corporations would go out of business or have to rework their whole business operating model. All the data transferred through back and forth the cl oud needs to be protected and encrypted to ensure confidentiality, integrity and authority of the data itself. Thus, encryption techniques are used for the very purpose. The basic idea and types of encryptions are introduced for the first section. The foll owing section explains into a deeper length of the topic of the paper itself, attribute - based encryption (ABE) used for cloud computing. ABE itself is further categorized into KPABE and CPABE. From paper itself it can be seen that CPABE has a better perfor mance when compared against KPABE as it would give full dominance to data owner regarding their data. A thorough comparison is made for all the encryption scheme mentioned in the paper. Their applications are also being mentioned and elaborated. It can be seen that these encryption techniques continue to improve further and at a greater speed with the advances of technologies and that is proven to be a good thing. By implementing these encryption techniques in the Trusted Real - Time Execution Environment , a very strong and practical security can be achieved in the cloud. A CKNOWLEDGEMENT This work was supported by the Xi’an Jiaotong - Liverpool University (XJTLU) AI University Research Centre, Jiangsu (Provincial) Data Science and Cognitive Computational INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DEC EMBER 20 22 6 Engineering Research Centre at XJTLU under Grant XJTLU - REF - 21 - 01 - 002. REFERENCES [1] A. Sahai, B. Waters. (2005). Fuzzy identity - based encryption, in: Theory and Applications of Cryptographic Techniques, Springer Berlin Heidelberg, pp. 457 - 473. https://doi.org/10.1007/11426639_27 [2] V. Goyal, O. Pandey, A.Sahai, B. Waters, (2006) Attribute - based encryption for fine - grained access control of encrypted data, in: Proceedings of the 13th ACM Conference on Computer and Communications Security, ACM, pp. 89 - 98. https://doi.org/10.1145/1180405.1180418 [3] R. Ostrovsky, A. Sahai, B. Waters. (20 07) Attribute - based encryption with non - monotonic access structures, in: ACM Conference on Computer and Communications Security Computer and communications security, ACM, pp. 195 - 203. https://doi.org/10.1145/1315245.1315270 [4] Wang, C., & Liu, Y. (2009). A Se cure and Efficient Key - Policy Attribute Based Key Encryption Scheme. 2009 First International Conference on Information Science and Engineering. doi:10.1109/icise.2009.157 [5] Suryawan, G. T., Linawati, & Andika, S. (2019). Ciphertext - Police Attribute Based E ncryption Performance on Notebook Device. 2019 International Symposium on Electronics and Smart Devices (ISESD). doi:10.1109/isesd.2019.8909472 [6] Lumb, I., Choi, E., Rimal, B.P. (2009). A taxonomy and survey of cloud computing systems, in: International Con ference on Networked Computing and Advanced Information Management, IEEE, pp. 44 - 51. http://dx.doi.org/10.1109/NCM.2009.218 [7] P, P. K., P, S. K., & P.J.A., A. (2018). Attribute based encryption in cloud computing: A survey, gap analysis, and future direction s. Journal of Network and Computer Applications, 108, 37 – 52. doi:10.1016/j.jnca.2018.02.009 [8] Waters, B. (2011). Ciphertext - Policy Attribute - Based Encryption: An Expressive, Efficient, and Provably Secure Realization. Public Key Cryptography – PKC 2011 Lect ure Notes in Computer Science , 53 – 70. doi: 10.1007/978 - 3 - 642 - 19379 - 8_4 [9] Beth encourt, J., Sahai , A., Waters, B. (2007). Ciphertext - Pol icy Attribute - Based Encryption. IEEE Symposium on Security and Privacy (SP '07) . Berkeley, CA, pp. 321 - 334. doi: 10.1109/SP.2007.11 [10] Chatterjee, R., Roy, S. (2017). Cryptography in Cloud Computing: A Basic Approach to Ensure Security in Cloud. International Journal of Engineering Science and Computing , 7 (5), 11818 - 11821. INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DECEMBER 2022 7 Automation in Cloud Migration: An Effective Study Rou Lee 1 , Zhi Qi 1 , Zahid Akhtar 2 , Kamran Siddique 1 , * , Ka Lok Man 3 , Jie Zhang 3 Abstract — When conducting a cloud migration in a Trusted Real - Time Execution Environment , it is always important to conduct the migration by following certain standard and constraint while modifying it according to the needs of the migration. Migration framework is introduced to provide such a standard and steps to be followed for migration. However, current migration frameworks no longer essentially satisfy the cloud migration efficiently . Resources are increasing and the usage of current migration frameworks are not proficiently supporting the demand s . Thus, researchers are develo ping more automation cloud migration frameworks that help in reducing the cost, time, manpower and increasing efficiency to conduct cloud migration. This paper concisely addresses cloud migration, stages of conducting cloud migration and introduces various automated cloud migration frameworks along with detailed analysis. Index Terms — Cloud Migration, Automation, Migration Framework I. INTRODUCTION There is a risk that is revolving around the topic of cloud computing in recent years, which is cloud lock - in [1]. Cloud lock - in is a risk where the consumers are unable to migrate to another cloud environment after adapting to one cloud environment [2]. This risk is introduced due to the demands of the consumers who wish to move from one cloud environment to another. The reason of the migration is because of the services that are provided by another cloud provider is better than the current cloud provider. In order to gain more customers, cloud providers are providing better services such as storage, SMTP support, and price. Thus, an increasing number of enterprises are aiming to pursue better services by migrating to a better platform. Besides migration from a cloud to another cloud, there also exists the demand of migrating from on premise to cloud. To ca ter to the problem and the demand, migration frameworks have been introduced. With the frameworks, consumers are able to perform migration by adhering to the standard and procedures in the framework. However, with the advancement of technology, the current migration framework no longer satisfies the needs of the consumers. There is an increment in the number of applications, resources, and data that are undergoing migration [3], which displayed that the current migration strategies no longer support the migration in terms of cost and performance. In 2016, the very - first automated migration framework is introduced. Automated migration framework is the framework that worked based on artificial intelligence (AI) . AI - based frameworks are introduced to maximize performance, maximizing results and reducing cost needed to perform migration. Cloud migration can be categorized into three approaches [2], which includes : 1. Re - host: Migration that involves moving the resources without modifying any codes. 2. Re - platform: Migration that involves moving the resources with a little effort in upgrading to cater to the cloud infrastructure. 3. Re - factor: Refacto r the code to cater to the functionality and the resources of cloud infrastructure. Furthermore, cloud migration can be categorized into four stages, which includes discovery, planning, migration, and quality assurance [ 4 ]. In all these stages, different a lgorithms and frameworks are used to maximize the positive effect of cloud migration. Before the introduction of artificial intelligence, traditional frameworks are used to guide the migration processes. However, challenges arise while making use of these frameworks. The challenges include the difficulty to cope up with the increasing amount of migrating resources, the increasing amount of cost in migration, the performance of the resources during migration, and the service interruption during migration tha t led to unwanted migration [ 5 ]. In this paper, we introduce various automated migration frameworks and perform detailed analysis on the frameworks to allow readers to have a better overview on automated cloud migration. The rest of the sections are organ ized as follows: Section I is the introduction; Section II is the literature review; Section III discusses the stages of cloud migration; Section IV depict s the automated cloud migration in different stages; Section V describes the challenges and future wo rk; Section VI is the conclusion. II. RELATED WORK Narantuya et al. [2] proposed strategies that solve d the problem of cloud lock - in. They also proposed a mechanism that reduces the downtime of migration of the resources during the moving of the resources. Th e study has successfully developed a framework with enable multiple virtual machines (VM) to migrate from one cloud to another based - on network traffic Manuscript received S e pt. 25, 2022 1 Xiamen University Malaysia, Sepang, Malaysia 2 State University of New York Polytechnic Institute , New York, USA 3 X i’an Jiaotong - Liverpool University, Suzhou, China INTERNATIONAL JOURNAL OF DESIGN, ANALYSIS AND TOOLS FOR INTERGRATED CIRCUITS AND SYSTEMS, VOL. 1 1, NO. 2 , DECEMBER 2022 8 dependencies. However, this framework does not support migration between public cloud, such as Google Cloud and Amazon. Lin, et al., [ 6 ] studie d about the framework and tool to automate migration planning. In their studies, they highlight the importance of automating the migration and propose solutions for migration planning to cope up with a large number of migration resources. However, in this study the researchers focus on the migration of servers. Thus, the researchers tend to focus on business application transformation in the future. Maja, V. & Hwang, J. [ 4 ] depict ed the AI - based migration techniques that help in proposing the migration plan and the challenges faced in the planning processes using AI - based migration techniques. Al - Kiswany et al. [7] discuss ed the automation in cloud migration from one provider to ano ther cloud provider by utilising the virtual image. It involves the grouping of servers with similarity and migrating the resources according to groups. The researchers increase the efficiency of cloud migration by migrating the resources as VM image. Bai et al. [8] depict ed the importance of developing a wave plan for migration. The researchers also introduce a method, Kullback - Leibler (KL) divergence - based method that allows systematic and efficient discovery of relationship between servers and servers or servers and application. This discovery is useful in migration planning. Beserra et al. [