Journal: International Journal of Computer Science & Technology
Print ISSN: 2229-4333
Electronic ISSN: 0976-8491
Publication year: 2012
Volume: 3
Issue: 1Ver 3
Publisher: Ayushmaan Technologies
Abstract: Cloud Computing is the sum of SaaS and Utility Computing. This paradigm also brings forth many new challenges for data security and access control mechanisms when users outsource sensitive data for sharing on Cloud systems, which are not within the same trusted domain as data owners. Storing data on untrusted storage makes secure data sharing a challenging issue. To keep sensitive user data confidential against untrusted Cloud systems, on one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. The existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key or user management, user accountability, data security, computational overhead, etc. To address these challenging issues, in this paper we define and enforce access policies based on data attributes and enable the data owner to delegate most computation-intensive tasks pertaining to user revocation to untrusted servers without disclosing data content to them. We achieve this goal by exploiting and uniquely combining techniques of ciphertext-policy attribute-based encryption and proxy re-encryption and re-encryption. Our proposed scheme also has the salient features of user access privilege confidentiality and user secret key accountability.
Keywords: Cloud Computing; Data Confidentiality; Accountability; Untrusted Storage