Secure fine-grained access control and data sharing for dynamic groups in the cloud

Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data pr...

Full description

Saved in:
Bibliographic Details
Main Authors: XU, Shengmin, YANG, Guomin, MU, Yi, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2018
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/3985
https://ink.library.smu.edu.sg/context/sis_research/article/4987/viewcontent/secure_fine.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-4987
record_format dspace
spelling sg-smu-ink.sis_research-49872020-01-15T02:15:17Z Secure fine-grained access control and data sharing for dynamic groups in the cloud XU, Shengmin YANG, Guomin MU, Yi DENG, Robert H. Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by untrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution. 2018-02-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3985 info:doi/10.1109/TIFS.2018.2810065 https://ink.library.smu.edu.sg/context/sis_research/article/4987/viewcontent/secure_fine.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Cloud storage data sharing access control revocation dynamic group Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Cloud storage
data sharing
access control
revocation
dynamic group
Information Security
spellingShingle Cloud storage
data sharing
access control
revocation
dynamic group
Information Security
XU, Shengmin
YANG, Guomin
MU, Yi
DENG, Robert H.
Secure fine-grained access control and data sharing for dynamic groups in the cloud
description Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by untrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
format text
author XU, Shengmin
YANG, Guomin
MU, Yi
DENG, Robert H.
author_facet XU, Shengmin
YANG, Guomin
MU, Yi
DENG, Robert H.
author_sort XU, Shengmin
title Secure fine-grained access control and data sharing for dynamic groups in the cloud
title_short Secure fine-grained access control and data sharing for dynamic groups in the cloud
title_full Secure fine-grained access control and data sharing for dynamic groups in the cloud
title_fullStr Secure fine-grained access control and data sharing for dynamic groups in the cloud
title_full_unstemmed Secure fine-grained access control and data sharing for dynamic groups in the cloud
title_sort secure fine-grained access control and data sharing for dynamic groups in the cloud
publisher Institutional Knowledge at Singapore Management University
publishDate 2018
url https://ink.library.smu.edu.sg/sis_research/3985
https://ink.library.smu.edu.sg/context/sis_research/article/4987/viewcontent/secure_fine.pdf
_version_ 1770574111913803776