Dual access control for cloud-based data storage and sharing

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

3-2022

Abstract

Cloud-based data storage service has drawn increasing interests from both academic and industry in the recent years due to its efficient and low cost management. Since it provides services in an open network, it is urgent for service providers to make use of secure data storage and sharing mechanism to ensure data confidentiality and service user privacy. To protect sensitive data from being compromised, the most widely used method is encryption. However, simply encrypting data (e.g., via AES) cannot fully address the practical need of data management. Besides, an effective access control over download request also needs to be considered so that Economic Denial of Sustainability (EDoS) attacks cannot be launched to hinder users from enjoying service. In this article, we consider the dual access control, in the context of cloud-based storage, in the sense that we design a control mechanism over both data access and download request without loss of security and efficiency. Two dual access control systems are designed in this article, where each of them is for a distinct designed setting. The security and experimental analysis for the systems are also presented.

Keywords

Cloud computing, Access control, Encryption, Electronic mail, Servers, Economics, Cloud-based data sharing, access control, cloud storage service, Intel SGX, attribute-based encryption

Discipline

Information Security

Research Areas

Information Systems and Management

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

19

Issue

2

First Page

1036

Last Page

1048

ISSN

1545-5971

Identifier

10.1109/TDSC.2020.3011525

Publisher

IEEE

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TDSC.2020.3011525

This document is currently not available here.

Share

COinS