
Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure

S.E. Tuase, D. Matthias, N.D. Nwiabu

Section: Research Paper, Product Type: Journal Paper
Volume 8, Issue 7, Page no. 19-31, Jul 2020

CrossRef-DOI: https://doi.org/10.26438/ijcse/v8i7.1931

Online published on Jul 31, 2020

Copyright © S.E. Tuase, D. Matthias, N.D. Nwiabu. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


IEEE Style Citation: S.E. Tuase, D. Matthias, N.D. Nwiabu, “Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure,” International Journal of Computer Sciences and Engineering, Vol.8, Issue.7, pp.19-31, 2020.

MLA Style Citation: S.E. Tuase, D. Matthias, N.D. Nwiabu "Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure." International Journal of Computer Sciences and Engineering 8.7 (2020): 19-31.

APA Style Citation: S.E. Tuase, D. Matthias, N.D. Nwiabu, (2020). Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure. International Journal of Computer Sciences and Engineering, 8(7), 19-31.

BibTex Style Citation:
@article{Tuase_2020,
author = {S.E. Tuase and D. Matthias and N.D. Nwiabu},
title = {Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure},
journal = {International Journal of Computer Sciences and Engineering},
issue_date = {7 2020},
volume = {8},
Issue = {7},
month = {7},
year = {2020},
issn = {2347-2693},
pages = {19-31},
url = {https://www.ijcseonline.org/full_paper_view.php?paper_id=5161},
doi = {https://doi.org/10.26438/ijcse/v8i7.1931},
publisher = {IJCSE, Indore, INDIA},
}

RIS Style Citation:
TY - JOUR
DO - https://doi.org/10.26438/ijcse/v8i7.1931
UR - https://www.ijcseonline.org/full_paper_view.php?paper_id=5161
TI - Big Data Authentication Protocol with Hierarchical Attribute-Based Encryption and Authorization Structure
T2 - International Journal of Computer Sciences and Engineering
AU - S.E. Tuase
AU - D. Matthias
AU - N.D. Nwiabu
PY - 2020
DA - 2020/07/31
PB - IJCSE, Indore, INDIA
SP - 19-31
IS - 7
VL - 8
SN - 2347-2693
ER -


Abstract

The term big data arose with the explosive increase of global data, denoting technology that can store and process large and varied volumes of data, giving both enterprises and science deep insights into their clients' experiments. Big data platforms provide a reliable, fault-tolerant, available and scalable environment for distributed big data management systems, which creates a need to store data at a cloud provider's site using cloud computing technology. Attribute-Based Encryption (ABE) techniques came into existence for securing data and providing access control, with many attendant problems, particularly in the use of Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Key-Policy Attribute-Based Encryption (KP-ABE). Big data is used to maintain and manage valuable data stored in the cloud. Because the cloud itself is not fully trusted, big data in the cloud faces many threats that are not disclosed by service providers. For these reasons we propose an authentication protocol for big data with a hierarchical attribute-based encryption and authorization structure, which provides secure authentication of authorities or users in a two-level hierarchical attribute-based encryption and authorization structure for a cloud big data access control system. The proposed protocol resorts to a tree-based signature to significantly improve the security of attribute authorization, giving the data owner a level of security under which at least two levels of attributes must be satisfied before big data can be accessed. To satisfy big data requirements, the proposed authentication protocol supports two levels of hierarchical attribute-based encryption and authorization structure using a combination of the Advanced Encryption Standard (AES) and elliptic curve cryptography combined with the hardness of the Diffie-Hellman problem (ECDH).

Data and file access control encryption has usually been implemented with the RSA and DSA protocols, which come with their own attendant problems, such as computational overhead, the time taken for both encryption and decryption keys, and long encryption key bit lengths, which together lead to longer process execution times. We propose a protocol for authentication and key exchange using AES (Advanced Encryption Standard) and ECDH (Elliptic Curve Diffie-Hellman) that helps to resist forgery and replay attacks and uses short key bit lengths, thereby using less bandwidth and remaining available on both mobile and desktop computing, with robust security based on the hardness of the Diffie-Hellman and elliptic curve cryptography algorithms. In addition, the proposed protocol helps preserve entities' privacy. Its performance is far better than that of existing protocols: it has lower power consumption and lower bandwidth consumption, because its key length has fewer bits than the key lengths of other protocols. Compared with previous studies, we prove and show that our protocol has lower computational and communication overhead.

We propose an authentication protocol for big data with a hierarchical attribute authorization structure, which requires that a trusted root authority grant access to a data owner or domain authority, which must define the data users' attributes; each attribute is structured by the domain authority. For data security we use the ECDH and AES schemes. Elliptic curve ciphers require less computational power, memory and communication bandwidth, giving them a clear edge over traditional cryptographic algorithms. Lately, many companies have adopted the ECDH algorithm to improve security efficiency (WhatsApp, Facebook, Firefox, etc.). The hierarchical attribute authorization adopts two levels: Trusted Root Authority (TRA) and Domain Authority (DA). The TRA acts as an authorization manager, and the DAs in the second tier are subordinate to the TRA.

Keywords / Index Terms

Big Data, Cloud Computing, Authentication Protocol, Hierarchical Attribute Set Based Encryption, Ciphertext Policy Attribute Based Encryption, Elliptic Curve Cryptography, Diffie Hellman, ECDH, AES, ABE, CP-ABE, RSA, TRA
