A Practical Client Application Based on Attribute-based Access Control for Untrusted Cloud Storage
Authors
Abstract
One of the widely used cryptographic primitives for cloud applications is Attribute-Based Encryption (ABE), where users have their own attributes and a ciphertext is encrypted under an access policy. Though ABE provides many benefits, its novelty often exists only in the academic world, and it is often difficult to find a practical use of ABE in a real application. In this paper, we discuss the design and implementation of a cloud storage client application that supports the concept of ABE. Our proposed client provides an effective access control mechanism that allows different types of access policy to be defined, thus allowing large datasets to be shared by multiple users. Using different access policies, each user needs to access only a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABE-based application.
Similar resources
Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
An electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still a challenging problem. Many studies are concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
DoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for private data outsourced to cloud storage. By adopting Attribute-Based Encryption (ABE) for Access Control (AC) purposes, we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes, especially for mobile and resource-constrained devices in a cloud computing environment, in two aspects, a ...
K2C: Cryptographic Cloud Storage with Lazy Revocation and Anonymous Access
Security and privacy concerns hinder the adoption of cloud storage and computing in sensitive environments. We present a user-centric privacy-preserving cryptographic access control protocol called K2C (Key To Cloud) that enables end-users to securely store, share, and manage their sensitive data in an untrusted cloud storage anonymously. K2C is scalable and supports lazy revocation. It can ...
OAuth and ABE based Authorization in Semi-Trusted Cloud Computing
In cloud computing, inter-operations between data-storage and web-application providers can protect users from locking their data and applications into a single cloud provider. Currently, web-based access control standards are applicable only when data owners and cloud service providers are in the same trusted domain. Unfortunately, this condition cannot be satisfied in untrusted clouds, where ...
Improving the Security and Usability of Cloud Services with User-centric Security Models by Saman Zarandioon
OF THE DISSERTATION Improving the security and usability of cloud services with user-centric security models by Saman Zarandioon Dissertation Director: Danfeng Yao and Vinod Ganapathy Cloud computing is a paradigm shift in the way we define software and hardware, and architect our IT solutions. The emerging cloud technologies, due to their various unique and attractive properties, are evolving ...