Publication Type

Journal Article

Version

publishedVersion

Publication Date

1-2017

Abstract

Attribute-based encryption (ABE) has been widely used in cloud computing where a data provider outsources his/herencrypted data to a cloud service provider, and can share the data with users possessing specific credentials (or attributes). However,the standard ABE system does not support secure deduplication, which is crucial for eliminating duplicate copies of identical data inorder to save storage space and network bandwidth. In this paper, we present an attribute-based storage system with securededuplication in a hybrid cloud setting, where a private cloud is responsible for duplicate detection and a public cloud manages thestorage. Compared with the prior data deduplication systems, our system has two advantages. Firstly, it can be used to confidentiallyshare data with users by specifying access policies rather than sharing decryption keys. Secondly, it achieves the standard notion ofsemantic security for data confidentiality while existing systems only achieve it by defining a weaker security notion. In addition, we putforth a methodology to modify a ciphertext over one access policy into ciphertexts of the same plaintext but under other access policieswithout revealing the underlying plaintext.

Keywords

ABE, Storage, Deduplication

Discipline

Information Security | Software Engineering

Research Areas

Cybersecurity

Publication

IEEE Transactions on Big Data

Volume

PP

Issue

99

First Page

1

Last Page

13

Identifier

10.1109/TBDATA.2017.2656120

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TBDATA.2017.2656120

Download

Share

COinS