Multi-level on-demand access control for flexible data sharing in cloud
S. Sabitha¹ · M. S. Rajasree²
Received: 29 July 2019 / Revised: 4 October 2020 / Accepted: 13 October 2020
© Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract The exponential growth of data storage and sharing in the cloud demands an efficient access control mechanism for flexible data sharing. Attribute-Based Encryption (ABE) is a promising cryptographic solution for sharing data among users in the cloud, but it suffers from user revocation, attribute revocation, forward secrecy and backward secrecy issues. Its communication and computation overhead is high because the size of the ciphertext and the secret key grows linearly with the number of attributes. In this paper, we investigate an on-demand access control for flexible sharing of secure data among randomly selected users. It is a tunable access control mechanism for the flexible sharing of ciphertext classes in the cloud. It delegates the decryption rights for any set of ciphertext classes to users only if their attributes satisfy the access policy associated with the ciphertext and they possess a compact key corresponding to the intended set of ciphertext classes. It produces a constant-size ciphertext and a compact secret key to utilize storage space efficiently and reduce the communication cost. The compact key aggregates the power of the secret keys used to encrypt the outsourced data. This method flexibly shares the ciphertext classes among the randomly selected users with a specific set of attributes. All other ciphertext classes outside the set remain confidential. It allows dynamic data updates by verifying the data manipulation privilege of users with the help of a claim policy. The proposed scheme provides access control of varying granularity: at user level, at file level, and at attribute level. Granularity levels can be chosen based on applications and user demands. Hence, it is a multi-level, tunable access control over the shared data. It is very useful for secure data storage. This scheme tackles the user revocation and attribute revocation problems, so it allows the data owner to revoke a specific user or a group of users. It prevents forward and backward secrecy issues.
Keywords Cloud computing · Attribute-based encryption · Access control · Key-aggregate cryptosystem · Data sharing
1 Introduction
Cloud computing is a modern computing paradigm that supplies resources as services over the Internet. It allows the use of computing resources at low cost and on an on-demand basis. With the rapid growth of cloud computing, data outsourcing and sharing have increased drastically. But the management of data in the cloud is delegated to an untrusted cloud server. Outsourced data in
S. Sabitha [email protected]
¹ Computer Science and Engineering, College of Engineering Trivandrum, Thiruvananthapuram, India
² APJ Abdul Kalam Technological University, Thiruvanantha