A secure and efficient role-based access policy towards cryptographic cloud storage

Authors:
Cheng Hong;Zhiquan lv;Min Zhang;Dengguo Feng
Affiliations:
The State Key Laboratory Of Information Security, Beijing, China;The State Key Laboratory Of Information Security, Beijing, China;The State Key Laboratory Of Information Security, Beijing, China;The State Key Laboratory Of Information Security, Beijing, China
Venue:
WAIM'11 Proceedings of the 12th international conference on Web-age information management
Year:
2011

Citing 13
Cited 0

Role-Based Access Control Models

Computer
Dynamic and efficient key management for access hierarchies

Proceedings of the 12th ACM conference on Computer and communications security
On Key Assignment for Hierarchical Access Control

CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Ciphertext-Policy Attribute-Based Encryption

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Attribute-based encryption with non-monotonic access structures

Proceedings of the 14th ACM conference on Computer and communications security
Over-encryption: management of access control evolution on outsourced data

VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Trusting the cloud

ACM SIGACT News
DSP RE-Encryption: A Flexible Mechanism for Access Control Enforcement Management in DaaS

CLOUD '09 Proceedings of the 2009 IEEE International Conference on Cloud Computing
Combining Attribute-Based and Access Systems

CSE '09 Proceedings of the 2009 International Conference on Computational Science and Engineering - Volume 03
Attribute based data sharing with attribute revocation

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Achieving secure, scalable, and fine-grained data access control in cloud computing

INFOCOM'10 Proceedings of the 29th conference on Information communications
Plutus: scalable secure file sharing on untrusted storage

FAST'03 Proceedings of the 2nd USENIX conference on File and storage technologies

Quantified Score

Hi-index	0.01

Visualization

Abstract

Cloud Storage, which provides cost-efficient and scalable storage services, has emerged as a hot paradigm today. As promising as it is, Cloud Storage also brings forth security challenges. Sensitive data may be outsourced for sharing on cloud storage servers, which are not within the same trusted domain as the data owner (DO). To keep the data confidential against unauthorized parties, cryptographic access control must be applied. Existing methods usually require the access policies be fully managed by the DO, which could lead to the DO-side bottleneck. This paper addressed the issue by implementing a cryptographic Role-Based Access Control via CP-ABE. The access policies are divided into two parts: Permission Assignments (PAs) and Role Assignments (RAs), and we develop an approach called propagation to allow RAs to be handled effectively by users besides the DO. Since most of the dynamic policies in the Cloud are triggered by RAs, the bottleneck could be successfully avoided.