Publication Type
Journal Article
Version
acceptedVersion
Publication Date
2-2018
Abstract
Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same trusted domain as users. To protect data privacy against untrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by untrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
Keywords
Cloud storage, data sharing, access control, revocation, dynamic group
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Information Forensics and Security
Volume
13
Issue
8
First Page
2101
Last Page
2103
ISSN
1556-6013
Identifier
10.1109/TIFS.2018.2810065
Publisher
Institute of Electrical and Electronics Engineers (IEEE)
Citation
XU, Shengmin; YANG, Guomin; MU, Yi; and DENG, Robert H.
Secure fine-grained access control and data sharing for dynamic groups in the cloud. (2018). IEEE Transactions on Information Forensics and Security. 13, (8), 2101-2103.
Available at: https://ink.library.smu.edu.sg/sis_research/3985
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/TIFS.2018.2810065