A fine grained access control and flexible revocation scheme for data security on public cloud storage services

2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM) Pub Date : 2012-12-01 DOI:10.1109/ICCCTAM.2012.6488066

T. Eissa, Gi-Hwan Cho

{"title":"A fine grained access control and flexible revocation scheme for data security on public cloud storage services","authors":"T. Eissa, Gi-Hwan Cho","doi":"10.1109/ICCCTAM.2012.6488066","DOIUrl":null,"url":null,"abstract":"Cloud computing based storage services have rapidly spread in the market due to their promising capabilities and features. However, the security challenge of outsourcing sensitive data for sharing on the cloud which is not fully controlled by the data owners is still open. In this paper, we present negative and positive attributes in attribute based encryption to support fine grained access control and flexible revocation. The framework is designed to shift the key security roles, such as authentication and key management, from the cloud to be shared between data owners and a trusted third party. Furthermore, this research aims to enable data owner to do most of the heavy re-encryption tasks using the cloud resources and without revealing his data or attributes to the cloud. We propose a flexible revocation solution which enables the owner to revocate users without the need for re-encrypting all the affected files or regenerating system and users' keys. We highlight the performance of our scheme by analyzing its computational complexity.","PeriodicalId":111485,"journal":{"name":"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCTAM.2012.6488066","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 10

Abstract

Cloud computing based storage services have rapidly spread in the market due to their promising capabilities and features. However, the security challenge of outsourcing sensitive data for sharing on the cloud which is not fully controlled by the data owners is still open. In this paper, we present negative and positive attributes in attribute based encryption to support fine grained access control and flexible revocation. The framework is designed to shift the key security roles, such as authentication and key management, from the cloud to be shared between data owners and a trusted third party. Furthermore, this research aims to enable data owner to do most of the heavy re-encryption tasks using the cloud resources and without revealing his data or attributes to the cloud. We propose a flexible revocation solution which enables the owner to revocate users without the need for re-encrypting all the affected files or regenerating system and users' keys. We highlight the performance of our scheme by analyzing its computational complexity.

查看原文本刊更多论文

细粒度访问控制和灵活的撤销方案，保障公有云存储服务的数据安全

基于云计算的存储服务由于其具有良好的性能和特性，在市场上迅速普及。然而，将敏感数据外包到不完全由数据所有者控制的云上共享的安全挑战仍然存在。在基于属性的加密中，我们提出了负属性和正属性，以支持细粒度访问控制和灵活撤销。该框架旨在将关键安全角色(如身份验证和密钥管理)从云端转移到数据所有者和可信第三方之间共享。此外，本研究旨在使数据所有者能够使用云资源完成大多数繁重的重新加密任务，而不会将其数据或属性泄露给云。我们提出了一个灵活的撤销解决方案，使所有者能够撤销用户，而无需重新加密所有受影响的文件或重新生成系统和用户的密钥。我们通过分析其计算复杂度来突出该方案的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 International Conference on Cloud Computing Technologies, Applications and Management (ICCCTAM)

自引率

0.00%

发文量