期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN:2320-9798
电子版ISSN:2320-9801
出版年度:2015
卷号:3
期号:5
DOI:10.15680/ijircce.2015.0305208
出版社:S&S Publications
摘要:Data Security is an emerging need of information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as p ersonal informatio n could be exposed to those third party servers and to unauthorized parties. To assure the users control over access to their o wn records, it is a promising method to encrypt the records before outsourcing. Yet, issues such as risks of pr ivacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to records stored in semi - trusted servers. To achieve fine-grained and scalable data access control for records, we leverage attribute based encryption (ABE) techniques to encryp t each users record file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the record system into multiple security domains that greatly reduces the key management co mplexity for owner s and users. A high degree of user privacy is guaranteed simultaneously b y exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes
关键词:cloud computing; security ; encryption techniques ; attribute based encryption
