Multi-authority trust access control for cloud storage

The collusion of different users to get access permissions more than each of those users can get by himself is a serious problem in the ciphertext-policy attribute-based encryption. The trust notation can provide security against the users' collusion attack. In this paper, we have introduced the attributes' trust semi-formal definition. Also, a new Multi-Authority Trust Access Control (MA-TAC) model for cloud storage multi-authority systems has been proposed which is based on user's attributes for trust calculation. Our MA-TAC model ensures granting access for trusted users, while protecting the users' identity. Also, the users' permissions are dynamically changing based on the current trust level of the user. MA-TAC ensures both security and stability for user's collusion attack. Finally, the experimental results have indicated that the user's permission set is dynamically changing based on the user's trust level, which is decaying over time.

[1]  Aaas News,et al.  Book Reviews , 1893, Buffalo Medical and Surgical Journal.

[2]  Gail-Joon Ahn,et al.  AR-ABAC: A New Attribute Based Access Control Model Supporting Attribute-Rules for Cloud Computing , 2015, 2015 IEEE Conference on Collaboration and Internet Computing (CIC).

[3]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[5]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[6]  Thomas Beth,et al.  Valuation of Trust in Open Networks , 1994, ESORICS.

[7]  Rosario Gennaro,et al.  Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings , 2011, Public Key Cryptography.

[8]  J. van Leeuwen,et al.  Advances in Cryptology — EUROCRYPT 2001 , 2001, Lecture Notes in Computer Science.

[9]  Kenneth G. Paterson Advances in Cryptology - EUROCRYPT 2011 - 30th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Tallinn, Estonia, May 15-19, 2011. Proceedings , 2011, EUROCRYPT.

[10]  Hai Jin,et al.  CloudAC: a cloud-oriented multilayer access control system for logic virtual domain , 2013, IET Inf. Secur..

[11]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[12]  Nora Cuppens-Boulahia,et al.  Data and Applications Security and Privacy XXVI , 2012, Lecture Notes in Computer Science.

[13]  Young-Koo Lee,et al.  A trust model for ubiquitous systems based on vectors of trust values , 2005, Seventh IEEE International Symposium on Multimedia (ISM'05).

[14]  Salil P. Vadhan Proceedings of the 4th conference on Theory of cryptography , 2007 .

[15]  Zhu Yan,et al.  EAR-ABAC: An Extended AR-ABAC Access Control Model for SDN-Integrated Cloud Computing , 2015 .

[16]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[17]  Junping Du,et al.  Adaptive and attribute-based trust model for service level agreement guarantee in cloud computing , 2013, IET Inf. Secur..

[18]  Yingjiu Li,et al.  Data and Applications Security and Privacy XXV , 2011 .

[19]  Kent E. Seamons,et al.  Concealing complex policies with hidden credentials , 2004, CCS '04.

[20]  A. Jøsang Artificial Reasoning with Subjective Logic , 2008 .

[21]  Eric Horvitz,et al.  Patient controlled encryption: ensuring privacy of electronic medical records , 2009, CCSW '09.

[22]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[23]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.