Journal title: International Journal of Computer Science & Technology
Print ISSN: 2229-4333
Electronic ISSN: 0976-8491
Publication year: 2012
Volume: 3
Issue: 1
Pages: 494-499
Language: English
Publisher: Ayushmaan Technologies
Abstract: Cloud Computing is the sum of SaaS and Utility Computing. This paradigm also brings forth many new challenges for data security and access control mechanisms when users outsource sensitive data for sharing on Cloud systems, which are not within the same trusted domain as data owners. Storing data on untrusted storage makes secure data sharing a challenging issue. To keep sensitive user data confidential against untrusted Cloud systems, on one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. The existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key or user management, user accountability, data security, computational overhead, etc. To address these challenging issues, in this paper we define and enforce access policies based on data attributes and enable the data owner to delegate most computation-intensive tasks pertaining to user revocation to untrusted servers without disclosing data content to them. We achieve this goal by exploiting and uniquely combining techniques of Ciphertext-policy attribute-based encryption system and proxy re-encryption and re-encryption. Our proposed scheme also has salient features of user access privilege confidentiality and user secret key accountability.