The Research and Prospect of Secure Data Access Control in Cloud Storage Environment

—With the rapid development of cloud computing, users are becoming to move their data to the cloud server to avoid troublesome data management at local machines and enjoy convenient service, which might cause security and privacy protection issues of users’ data. To protect data security and user privacy, access control is an effective method. Generally, access control could be realized by cryptographic methods, with which users are able to access data in cloud only when they possess a certain corresponding set of credentials or attributes. In this paper, we mainly discuss the cryptographybased secure data access control for cloud storage, as well as the future prospect. Firstly, we introduce the research background of data access control. Then we study the currently existing ABE-Based schemes of data access control which are state of the art, and make some comparisons of these schemes in detail. Finally, we list some unsolved issues of these existing access control schemes for cloud storage to provide some future development direction about the further improvement.

[1]  Kai Zhao,et al.  Towards an Approach of Semantic Access Control for Cloud Computing , 2009, CloudCom.

[2]  Yi Lin,et al.  Ensure Data Security in Cloud Storage , 2011, 2011 International Conference on Network Computing and Information Security.

[3]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[4]  Sabrina De Capitani di Vimercati,et al.  Access Control Policies, Models, and Mechanisms , 2011, Encyclopedia of Cryptography and Security.

[5]  Paz Morillo,et al.  Extensions of access structures and their cryptographic applications , 2010, Applicable Algebra in Engineering, Communication and Computing.

[6]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[7]  Xiao-Feng Wang,et al.  Attribute-Based Encryption Schemes: Attribute-Based Encryption Schemes , 2011 .

[8]  Nishant Doshi,et al.  Hidden Access Structure Ciphertext Policy Attribute Based Encryption with Constant Length Ciphertext , 2011, ADCONS.

[9]  G. Patil Privacy-Preserving Decentralized Key Policy Attribute-Based Encryption , 2014 .

[10]  Ming Li,et al.  CP-ABE Based Access Control for Cloud Storage , 2015, ITITS.

[11]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[12]  Lianfu Yin The Analysis of Critical Technology on Cloud Storage Security , 2013, 2013 International Conference on Computer Sciences and Applications.

[13]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[14]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[15]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  Yingjie Xia,et al.  A Hierarchical Access Control Scheme in Cloud using HHECC , 2010 .

[18]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[19]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[20]  Indrajit Ray,et al.  A cryptographic solution to implement access control in a hierarchy and more , 2002, SACMAT '02.

[21]  Rajkumar Buyya,et al.  Article in Press Future Generation Computer Systems ( ) – Future Generation Computer Systems Cloud Computing and Emerging It Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility , 2022 .

[22]  Sushil Jajodia,et al.  Over-encryption: Management of Access Control Evolution on Outsourced Data , 2007, VLDB.

[23]  Sushil Jajodia,et al.  Flexible support for multiple access control policies , 2001, TODS.

[24]  Sajjad Haider,et al.  Security threats in cloud computing , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[25]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[26]  Cong Wang,et al.  Enhancing attribute-based encryption with attribute hierarchy , 2009, ICC 2009.

[27]  Yi Mu,et al.  Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption , 2012, IEEE Trans. Parallel Distributed Syst..

[28]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[29]  Sushil Jajodia,et al.  Preserving confidentiality of security policies in data outsourcing , 2008, WPES '08.

[30]  Amit Sahai,et al.  Bounded Ciphertext Policy Attribute Based Encryption , 2008, ICALP.