Preserving Privacy of Public Clouds through Access Control Mechanisms: A Review

Enforcing privacy on public clouds through access control mechanisms are currently based on Single Layer Encryption. Under Single Layer Encryption, data owners should upload data on the cloud after encrypting them and have to re-encrypt the data whenever access policies or user profiles are changed. This could increase the communication and computational costs at data owners. A better approach is to delegate the responsibility of re-encryption to the cloud, while at the same time preserving the privacy of data stored in the cloud. An approach based on two layer encryption, were the data owner performs an encryption based on a primary access control policy and cloud performs a second layer encryption over the owner encrypted data based on the remaining access control policies. It is important to distinguish between the access control policies so that owner level encryption can be performed using a primary condition and the cloud level encryption can be performed using the remaining set of access control policies. Keywords— Access Control Policies, Single Layer Encryption, Two Layer Encryption.