Protecting data in cloud environment with attribute-based encryption

Traditional file systems cannot satisfy the recent requirements of the cloud environment. Meanwhile, current file systems designed for cloud computing cannot provide enough flexibility, fine-grained access control and access security. In this paper, a novel secure file sharing scheme based on attribute control is presented. In order to design a practical cloud file system with attribute-based encryption, we give a systematic definition of attribute computing in the cloud computing environment. Based on the definition, we present a secure and practical attribute-based encryption scheme without pairings, CP-ABE-WP, for cloud computing scenarios. Then we design a secure cloud file system that applies our CP-ABE-WP to provide data management and secure data sharing. According to our analysis and test, the scheme is chosen-plaintext secure in the selective-ID model with acceptable performance and can satisfy the file sharing application in cloud computing.
