A dynamic cryptographic access control scheme in cloud storage services

The cloud storage services is a technology in cloud computing, which provides the online storage services for data owners over the Internet. It enables data owners to remotely store their data into a cloud so that to enjoy scalable services pay-on-demand. However, allowing the cloud servers to take care of the confidential data, which may bring many challenges for data security and access control. In order to achieve security, fine-grained and flexible access control for cloud storage services, we present a cryptographic access control scheme called CS-CACS based on encryption (CP-ABE), which is implemented based on the HDFS workstation. Meanwhile, we combine the proxy re-encryption and lazy re-encryption to make the cloud servers do most of re-encryption computing when the user's permission is revoked, which greatly reduces the computation cost of data owners. Our scheme has prominent properties of user access permission confidentiality and user secret key accountability. Performance analysis shows that the proposed scheme is efficient and security when the more users access data in the cloud storage.

[1]  Milan Petkovic,et al.  An encryption scheme for a secure policy updating , 2010, 2010 International Conference on Security and Cryptography (SECRYPT).

[2]  Ali Miri,et al.  Combining Attribute-Based and Access Systems , 2009, 2009 International Conference on Computational Science and Engineering.

[3]  Lv Zhiquan Cryptographic Access Control Scheme for Cloud Storage , 2011 .

[4]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[5]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[6]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[7]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[8]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[9]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[10]  Ming Gu,et al.  Hierarchical Attribute-Set Based Encryption for Scalable, Flexible and Fine-Grained Access Control in Cloud Computing , 2011, ISPEC.