论文信息 - A privacy-preserving access control in outsourced storage services

A privacy-preserving access control in outsourced storage services

In Storage-as-a-Services application,data owner delegates access control enforcement to external storage service privider while storing his data at it so as to free him from much involvement in users' query process. But the delegation of access control enforcement may cause privacy problem since the storage service privider may learn “who is granted access to the data” from access control policies and the indentities of the users who request the data. A privacy-preserving access control mechanism is proposed to solve this problem and its security is analyzed. The security analysis shows that the proposed mechanism guarantees secure access to outsourced data while preserving privacy of access control policies and users' IDs.

Liu Hongxia | Dai Jiazhu | Luo Shuangyan

[1] Hilarie K. Orman,et al. Hidden Credentials , 2003, WPES '03.

[2] Mikhail J. Atallah,et al. Attribute-Based Access Control with Hidden Policies and Hidden Credentials , 2006, IEEE Transactions on Computers.

[3] Bharat K. Bhargava,et al. Secure and efficient access to outsourced data , 2009, CCSW '09.

[4] Sushil Jajodia,et al. Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[5] Qin Zhou,et al. A PKI-based mechanism for secure and efficient access to outsourced data , 2010, 2010 International Conference on Networking and Digital Society.

[6] Sushil Jajodia,et al. A data outsourcing architecture combining cryptography and access control , 2007, CSAW '07.

[7] Vijayalakshmi Atluri,et al. Privacy-preserving trust verification , 2010, SACMAT '10.