CloudaSec: A novel public-key based framework to handle data sharing security in clouds

Recent years have witnessed the trend of leveraging cloud-based services for large scale content storage, processing, and distribution. Data security and privacy are among top concerns for the public cloud environments. Towards these security challenges, we propose and implement CloudaSec framework for securely sharing outsourced data via the public cloud. CloudaSec ensures the confidentiality of content in the public cloud environments with flexible access control policies for subscribers and efficient revocation mechanisms. CloudaSec proposes several cryptographic tools for data owners, based on a novel content hash keying system, by leveraging the Elliptic Curve Cryptography (ECC). The separation of subscription-based key management and confidentiality-oriented asymmetric encryption policies uniquely enables flexible and scalable deployment of the solution as well as strong security for outsourced data in cloud servers. Through experimental evaluation, we demonstrate the efficiency and scalability of CloudaSec, build upon OpenStack Swift testbed.

[1]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[2]  Dan Boneh,et al.  On the Impossibility of Efficiently Combining Collision Resistant Hash Functions , 2006, CRYPTO.

[3]  Kenneth W. Regan Minimum-Complexity Pairing Functions , 1992, J. Comput. Syst. Sci..

[4]  Somchart Fugkeaw,et al.  Achieving privacy and security in multi-owner data outsourcing , 2012, Seventh International Conference on Digital Information Management (ICDIM 2012).

[5]  Yuqing Zhang,et al.  Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud , 2013, IEEE Transactions on Parallel and Distributed Systems.

[6]  Jing Peng,et al.  A novel encryption scheme for data deduplication system , 2010, 2010 International Conference on Communications, Circuits and Systems (ICCCAS).

[7]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[8]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[9]  Yvo Desmedt,et al.  A secure and scalable Group Key Exchange system , 2005, Inf. Process. Lett..

[10]  Ratna Dutta,et al.  Pairing-Based Cryptographic Protocols : A Survey , 2004, IACR Cryptol. ePrint Arch..

[11]  John Gantz,et al.  The Digital Universe in 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in the Far East , 2012 .

[12]  Yonggang Wen,et al.  Towards end-to-end secure content storage and delivery with public cloud , 2012, CODASPY '12.

[13]  Vijay Varadharajan,et al.  Enforcing Role-Based Access Control for Secure Data Storage in the Cloud , 2011, Comput. J..

[14]  Elisa Bertino,et al.  An Efficient Certificateless Encryption for Secure Data Sharing in Public Clouds , 2014, IEEE Transactions on Knowledge and Data Engineering.

[15]  Vinod Ganapathy,et al.  K2C: Cryptographic Cloud Storage with Lazy Revocation and Anonymous Access , 2011, SecureComm.

[16]  Ben Lynn,et al.  On the implementation of pairing-based cryptosystems , 2007 .

[17]  AtenieseGiuseppe,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006 .