Enforcing Location and Time-Based Access Control on Cloud-Stored Data

Recent incidents of data-breaches from the cloud suggest that users should not trust the cloud provider to enforce access control on their data. We focus on mitigating trust to the cloud in scenarios where granting access to data not only considers user identities (as in conventional access policies), but also contextual information such as the user's location and time of access. Previous work in this context assumes a fully trusted cloud that is further capable of locating users. We introduce LoTAC, a novel framework that seamlessly integrates the operation of a cloud provider and a localization infrastructure to enforce location- and time-based access control to cloud-stored data. In LoTAC, the two entities operate independently and are only trusted to offer their basic services: the cloud provider is used and trusted only to reliably store data, the localization infrastructure is used and trusted only to accurately locate users. Furthermore, neither the cloud provider nor the localization infrastructure can access the data, even if they collude. LoTAC protocols require no changes to the cloud provider and minimal changes to the localization infrastructure. We evaluate our protocols using a cellular network as the localization infrastructure and show that they incur in low communication and computation costs and scale well with a large number of users and policies.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  Srdjan Capkun,et al.  Distance Hijacking Attacks on Distance Bounding Protocols , 2012, 2012 IEEE Symposium on Security and Privacy.

[3]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[4]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[5]  Indrakshi Ray,et al.  LRBAC: A Location-Aware Role-Based Access Control Model , 2006, ICISS.

[6]  Dorothy E. Denning,et al.  Location-based authentication: Grounding cyberspace for better security , 1996 .

[7]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[8]  Yonggang Wen,et al.  Towards end-to-end secure content storage and delivery with public cloud , 2012, CODASPY '12.

[9]  Eike Kiltz,et al.  The Group of Signed Quadratic Residues and Applications , 2009, CRYPTO.

[10]  Mihir Bellare,et al.  The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES , 2001, CT-RSA.

[11]  Bharat K. Bhargava,et al.  Secure and efficient access to outsourced data , 2009, CCSW '09.

[12]  Bruce Schneier,et al.  A Performance Comparison of the Five AES Finalists , 2000, AES Candidate Conference.

[13]  Didier Chincholle,et al.  Lost or Found? A Usability Evaluation of a Mobile Navigation and Location-Based Service , 2002, Mobile HCI.

[14]  Elisa Bertino,et al.  TRBAC , 2001, ACM Trans. Inf. Syst. Secur..

[15]  Elisa Bertino,et al.  GEO-RBAC: a spatially aware RBAC , 2005, SACMAT '05.

[16]  Ernesto Damiani,et al.  Supporting location-based conditions in access control policies , 2006, ASIACCS '06.

[17]  Urs Hengartner,et al.  Proving your location without giving up your privacy , 2010, HotMobile '10.

[18]  Ronald Cramer,et al.  Signature schemes based on the strong RSA assumption , 2000, TSEC.

[19]  Elisa Bertino,et al.  A generalized temporal role-based access control model , 2005, IEEE Transactions on Knowledge and Data Engineering.

[20]  Alec Wolman,et al.  Enabling new mobile applications with location proofs , 2009, HotMobile '09.

[21]  Eike Kiltz,et al.  Chosen-Ciphertext Security from Tag-Based Encryption , 2006, TCC.

[22]  Michael K. Reiter,et al.  Alternatives to Non-malleability: Definitions, Constructions, and Applications (Extended Abstract) , 2004, TCC.

[23]  Radu Sion,et al.  The Shy Mayor: Private Badges in GeoSocial Networks , 2012, ACNS.