Cloud computing is an emerging computing paradigm in which resources of the computing infrastructure are provided as services over the Internet. As promising as it is, this paradigm also brings forth many new challenges for data security and access control when users outsource sensitive data for sharing on cloud servers, which are not within the same trusted domain as data owners. To keep sensitive user data confidential against untrusted servers, existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired, and thus do not scale well. The problem of simultaneously achieving fine-grainedness, scalability, and data confidentiality of access control actually still remains unresolved. This paper addresses this challenging open issue by, on one hand, defining and enforcing access policies based on data attributes, and, on the other hand, allowing the data owner to delegate most of the computation tasks involved in fine-grained data access control to untrusted cloud servers without disclosing the underlying data contents. We achieve this goal by exploiting and uniquely combining techniques of attribute-based encryption (ABE), proxy re-encryption, and lazy re-encryption. Our proposed scheme also has salient properties of user access privilege confidentiality and user secret key accountability. Extensive analysis shows that our proposed scheme is highly efficient and provably secure under existing security models.