Design and Implementation of Collaborative Ciphertext-Policy Attribute-Role based

In a real-world collaborative data sharing scenario in cloud computing, there are multiple users who can access the resource shared by multiple data owners anytime and anywhere. The evolution of user status, roles, and privilege in the federated data sharing environment become even more and more complex to handle. Efficiently managing multiple access control policies and providing appropriate access control to different groups of user are crucially needed in such collaborative and federated environment. This paper presents the design and implementation of our proposed access control model called Collaborative-Ciphertext Policy-Attribute Role based Encryption (C-CP-ARBE). An administrative tool called CLOUDCAT is designed and developed to facilitate a flexible, secure, and efficient management of multiple user accesses and multiple access control policies in multi-owner cloud computing environment. CLOUD-CAT is designed and developed based on the integration of Ciphertext Policy-Attribute-based Encryption (CP-ABE) and Role-based Access Control Model (RBAC) access control model. To support policy management, the tool provides secure channel for several data owners to update and administer their access control policies resided at the cloud server. Finally, we present implementation details to demonstrate advanced features and performance analysis of the prototype system.