Flexible, Secure, and Reliable Data Sharing Service Based on Collaboration in Multicloud Environment

Due to the abundant storage resources and high reliability data service of cloud computing, more individuals and enterprises are motivated to outsource their data to public cloud platform and enable legal data users to search and download what they need in the outsourced dataset. However, in “Paid Data Sharing” model, some valuable data should be encrypted before outsourcing for protecting owner’s economic benefits, which is an obstacle for flexible application. Specifically, if the owner does not know who (user) will download which data files in advance and even does not know the attributes of user, he/she has to either remain online all the time or import a trusted third party (TTP) to distribute the file decryption key to data user. Obviously, making the owner always remain online is too inflexible, and wholly depending on the security of TTP is a potential risk. In this paper, we propose a flexible, secure, and reliable data sharing scheme based on collaboration in multicloud environment. For securely and instantly providing data sharing service even if the owner is offline and without TTP, we distribute all encrypted split data/key blocks together to multiple cloud service providers (CSPs), respectively. An elaborate cryptographic protocol we designed helps the owner verify the correctness of data exchange bills, which is directly related to the owner’s economic benefits. Besides, in order to support reliable data service, the erasure-correcting code technic is exploited for tolerating multiple failures among CSPs, and we offer a secure keyword search mechanism that makes the system more close to reality. Extensive security analyses and experiments on real-world data show that our scheme is secure and efficient.

[1]  AtenieseGiuseppe,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006 .

[2]  Robert H. Deng,et al.  Efficient Unidirectional Proxy Re-Encryption , 2010, AFRICACRYPT.

[3]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[4]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[5]  Mukesh Singhal,et al.  Collaboration in multicloud computing environments: Framework and security issues , 2013, Computer.

[6]  Zibin Zheng,et al.  Cloud Service Reliability Enhancement via Virtual Machine Placement Optimization , 2017, IEEE Transactions on Services Computing.

[7]  Shujun Lian,et al.  Smoothing of the lower-order exact penalty function for inequality constrained optimization , 2016 .

[8]  Cong Wang,et al.  Attribute based data sharing with attribute revocation , 2010, ASIACCS '10.

[9]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[10]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[11]  Xinwen Zhang,et al.  CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud , 2012, ASIACCS '12.

[12]  Wen-Guey Tzeng,et al.  Identity-Based Proxy Re-encryption Without Random Oracles , 2007, ISC.

[13]  Yunlei Zhao,et al.  On the Security of a Bidirectional Proxy Re-encryption Scheme from PKC 2010 , 2011, Public Key Cryptography.

[14]  Naihua Xiu,et al.  Some projection-like methods for the generalized Nash equilibria , 2010, Comput. Optim. Appl..

[15]  Guo-Liang Tian,et al.  SCAD-Penalized Least Absolute Deviation Regression in High-Dimensional Models , 2015 .

[16]  Yi Mu,et al.  Identity-based data storage in cloud computing , 2013, Future Gener. Comput. Syst..

[17]  Peihe Wang,et al.  Some geometrical properties of convex level sets of minimal graph on 2-dimensional Riemannian manifolds , 2016 .

[18]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[19]  Eiji Okamoto,et al.  Identity-Based Proxy Cryptosystems with Revocability and Hierarchical Confidentialities , 2012 .

[20]  Matthew Green,et al.  Identity-Based Proxy Re-encryption , 2007, ACNS.

[21]  G. Manoj Someswar,et al.  Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment , 2015 .

[22]  David Cash,et al.  Leakage-Abuse Attacks Against Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[23]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[24]  Ryo Nishimaki,et al.  CCA Proxy Re-Encryption without Bilinear Maps in the Standard Model , 2010, Public Key Cryptography.

[25]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[26]  Yaping Lin,et al.  Secure Ranked Multi-keyword Search for Multiple Data Owners in Cloud Computing , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.

[27]  Liang Zhong,et al.  Iterative Distributed Minimum Total MSE Approach for Secure Communications in MIMO Interference Channels , 2016, IEEE Transactions on Information Forensics and Security.

[28]  Zhihua Xia,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[29]  Cong Wang,et al.  Privacy-Preserving Multi-Keyword Ranked Search over Encrypted Cloud Data , 2014 .

[30]  Ying Ding,et al.  Note: Correction to the 1997 tutorial on Reed–Solomon coding , 2005, Softw. Pract. Exp..

[31]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[32]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[33]  Yang Ming,et al.  An Efficient Attribute Based Encryption Scheme with Revocation for Outsourced Data Sharing Control , 2011, 2011 First International Conference on Instrumentation, Measurement, Computer, Communication and Control.

[34]  Ching-Hsien Hsu,et al.  Provision of Data-Intensive Services Through Energy- and QoS-Aware Virtual Machine Placement in National Cloud Data Centers , 2016, IEEE Transactions on Emerging Topics in Computing.

[35]  Cong Wang,et al.  Efficient verifiable fuzzy keyword search over encrypted data in cloud computing , 2013, Comput. Sci. Inf. Syst..

[36]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[37]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.