Secure fine-grained access control and data sharing for dynamic groups in the cloud

Author

Shengmin XU, University of Wollongong
Guomin YANG, University of Wollongong
Yi MU, University of Wollongong
Robert H. DENG, Singapore Management UniversityFollow

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

2-2018

Abstract

Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by untrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.

Keywords

Cloud storage, data sharing, access control, revocation, dynamic group

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Information Forensics and Security

Volume

13

Issue

8

First Page

2101

Last Page

2103

ISSN

1556-6013

Identifier

10.1109/TIFS.2018.2810065

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

XU, Shengmin; YANG, Guomin; MU, Yi; and DENG, Robert H.. Secure fine-grained access control and data sharing for dynamic groups in the cloud. (2018). IEEE Transactions on Information Forensics and Security. 13, (8), 2101-2103.
Available at: https://ink.library.smu.edu.sg/sis_research/3985

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TIFS.2018.2810065