Sanitizable access control system for secure cloud storage against malicious data publishers
Cloud computing is considered as one of the most prominent paradigms in the information technology industry, since it can significantly reduce the costs of hardware and software resources in computing infrastructure. This convenience has enabled corporations to efficiently use the cloud storage as a...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2022
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7302 https://ink.library.smu.edu.sg/context/sis_research/article/8305/viewcontent/09351678.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8305 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-83052023-04-21T00:57:09Z Sanitizable access control system for secure cloud storage against malicious data publishers SUSILO, Willy JIANG, Peng LAI, Jianchang GUO, Fuchun YANG, Guomin DENG, Robert H. Cloud computing is considered as one of the most prominent paradigms in the information technology industry, since it can significantly reduce the costs of hardware and software resources in computing infrastructure. This convenience has enabled corporations to efficiently use the cloud storage as a mechanism to share data among their employees. At the first sight, by merely storing the shared data as plaintext in the cloud storage and protect them using an appropriate access control would be a nice solution. This is assuming that the cloud is fully trusted for not leaking any information, which is impractical as the cloud is owned by a third party. Therefore, encryption is mandatory, and the shared data will need to be stored as a ciphertext using an appropriate access control. However, in practice, some of these employees may be malicious and may want to deviate from the required sharing policy. The existing protection in the literature has been explored to allow only legitimate recipients to decrypt the contents stored in the cloud storage, but unfortunately, no existing work deals with issues raised due to the presence of malicious data publishers. Malicious data publishers construct data following the given policy, but the ciphertexts can actually be decrypted by unauthorized users without valid keys, or simply, anyone else who is unauthorized. The impact of the involvement of malicious data publishers is detrimental, as it may damage intellectual properties from the corporations. Therefore, it remains an elusive research problem on how to enable a sound approach to resolve the issue when malicious data publishers are involved in the system, which is a very practical question. In this work, we present a new direction of research that can cope with the presence of malicious data publishers. We resolve the aforementioned problem by proposing the notion of Sanitizable Access Control System (SACS), which is designed for a secure cloud storage that can also resist against malicious data publishers. We define the threat model and its formal security model, as well as its design and scheme which is based on q-Parallel Bilinear Diffie-Hellman Exponent Assumption. We provide the security proof of our construction as well as its performance analysis. We believe that this work has opened a new area of research which has never been explored before, even though it is very practical. Therefore, this work will enhance the adoption of secure cloud storage in practice. 2022-05-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7302 info:doi/10.1109/TDSC.2021.3058132 https://ink.library.smu.edu.sg/context/sis_research/article/8305/viewcontent/09351678.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Secure cloud storage access control sanitizable malicious data publishers Information Security Theory and Algorithms |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Secure cloud storage access control sanitizable malicious data publishers Information Security Theory and Algorithms |
| spellingShingle |
Secure cloud storage access control sanitizable malicious data publishers Information Security Theory and Algorithms SUSILO, Willy JIANG, Peng LAI, Jianchang GUO, Fuchun YANG, Guomin DENG, Robert H. Sanitizable access control system for secure cloud storage against malicious data publishers |
| description |
Cloud computing is considered as one of the most prominent paradigms in the information technology industry, since it can significantly reduce the costs of hardware and software resources in computing infrastructure. This convenience has enabled corporations to efficiently use the cloud storage as a mechanism to share data among their employees. At the first sight, by merely storing the shared data as plaintext in the cloud storage and protect them using an appropriate access control would be a nice solution. This is assuming that the cloud is fully trusted for not leaking any information, which is impractical as the cloud is owned by a third party. Therefore, encryption is mandatory, and the shared data will need to be stored as a ciphertext using an appropriate access control. However, in practice, some of these employees may be malicious and may want to deviate from the required sharing policy. The existing protection in the literature has been explored to allow only legitimate recipients to decrypt the contents stored in the cloud storage, but unfortunately, no existing work deals with issues raised due to the presence of malicious data publishers. Malicious data publishers construct data following the given policy, but the ciphertexts can actually be decrypted by unauthorized users without valid keys, or simply, anyone else who is unauthorized. The impact of the involvement of malicious data publishers is detrimental, as it may damage intellectual properties from the corporations. Therefore, it remains an elusive research problem on how to enable a sound approach to resolve the issue when malicious data publishers are involved in the system, which is a very practical question. In this work, we present a new direction of research that can cope with the presence of malicious data publishers. We resolve the aforementioned problem by proposing the notion of Sanitizable Access Control System (SACS), which is designed for a secure cloud storage that can also resist against malicious data publishers. We define the threat model and its formal security model, as well as its design and scheme which is based on q-Parallel Bilinear Diffie-Hellman Exponent Assumption. We provide the security proof of our construction as well as its performance analysis. We believe that this work has opened a new area of research which has never been explored before, even though it is very practical. Therefore, this work will enhance the adoption of secure cloud storage in practice. |
| format |
text |
| author |
SUSILO, Willy JIANG, Peng LAI, Jianchang GUO, Fuchun YANG, Guomin DENG, Robert H. |
| author_facet |
SUSILO, Willy JIANG, Peng LAI, Jianchang GUO, Fuchun YANG, Guomin DENG, Robert H. |
| author_sort |
SUSILO, Willy |
| title |
Sanitizable access control system for secure cloud storage against malicious data publishers |
| title_short |
Sanitizable access control system for secure cloud storage against malicious data publishers |
| title_full |
Sanitizable access control system for secure cloud storage against malicious data publishers |
| title_fullStr |
Sanitizable access control system for secure cloud storage against malicious data publishers |
| title_full_unstemmed |
Sanitizable access control system for secure cloud storage against malicious data publishers |
| title_sort |
sanitizable access control system for secure cloud storage against malicious data publishers |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2022 |
| url |
https://ink.library.smu.edu.sg/sis_research/7302 https://ink.library.smu.edu.sg/context/sis_research/article/8305/viewcontent/09351678.pdf |
| _version_ |
1770576307861585920 |