Privacy preserving cloud data access with multi-authorities

Cloud computing is a revolutionary computing paradigm which enables flexible, on-demand and low-cost usage of computing resources. Those advantages, ironically, are the causes of security and privacy problems, which emerge because the data owned by different users are stored in some cloud servers instead of under their own control. To deal with security problems, various schemes based on the Attribute-Based Encryption have been proposed recently. However, the privacy problem of cloud computing is yet to be solved. This paper presents an anonymous privilege control scheme AnonyControl to address not only the data privacy problem in a cloud storage, but also the user identity privacy issues in existing access control schemes. By using multiple authorities in cloud computing system, our proposed scheme achieves anonymous cloud data access and fine-grained privilege control. Our security proof and performance analysis shows that AnonyControl is both secure and efficient for cloud computing environment.

[1]  Cong Wang,et al.  Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[2]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[3]  Cong Wang,et al.  Secure and practical outsourcing of linear programming in cloud computing , 2011, 2011 Proceedings IEEE INFOCOM.

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[5]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[6]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[7]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[8]  Taeho Jung,et al.  Search me if you can: Privacy-preserving location query service , 2012, 2013 Proceedings IEEE INFOCOM.

[9]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[10]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[11]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[12]  Wenjing Lou,et al.  Attribute-based content distribution with hidden policy , 2008, 2008 4th Workshop on Secure Network Protocols.

[13]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[14]  Cong Wang,et al.  Secure Ranked Keyword Search over Encrypted Cloud Data , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems.

[15]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[16]  Ben Lynn,et al.  Toward Hierarchical Identity-Based Encryption , 2002, EUROCRYPT.

[17]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[18]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[19]  Yunhao Liu,et al.  Verifiable private multi-party computation: Ranging and ranking , 2013, 2013 Proceedings IEEE INFOCOM.

[20]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[21]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[22]  Ming Gu,et al.  Hierarchical Attribute-Set Based Encryption for Scalable, Flexible and Fine-Grained Access Control in Cloud Computing , 2011, ISPEC.

[23]  Shaojie Tang,et al.  Privacy-preserving data aggregation without secure channel: Multivariate polynomial evaluation , 2013, 2013 Proceedings IEEE INFOCOM.

[24]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[25]  Yunhao Liu,et al.  Rumor Riding: Anonymizing Unstructured Peer-to-Peer Systems , 2011, IEEE Trans. Parallel Distributed Syst..

[26]  Sean W. Smith,et al.  Attribute-Based Publishing with Hidden Credentials and Hidden Policies , 2007, NDSS.

[27]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[28]  Yunhao Liu,et al.  Message in a Sealed Bottle: Privacy Preserving Friending in Social Networks , 2012, 2013 IEEE 33rd International Conference on Distributed Computing Systems.