ENHANCING DATA SECURITY: SECURE AND EXPRESSIVE ACCESS CONTROL FOR CLOUD STORAGE
Main Article Content
Abstract
In order to ensure the classification of reappropriated information while also providing adaptable information access to cloud clients whose information is not under their physical control, secure distributed storage is a growing cloud administration trend. One of the most promising methods for verifying the administration's certification is cypher text-policy attribute-based encryption (CP-ABE). Due to the inherent "win big or bust" unscrambling feature of CP-ABE, the adoption of CP-ABE may result in an inescapable security breach known as the abuse of access accreditation (for example, decoding privileges). Here, we focus on two key cases in which a cloud client's access qualification is abused by a semi-believed specialist. CryptCloud+, a distributed storage platform with white-box discernibility and review, is proposed as a way to limit the exploitation of the system. Additionally, we demonstrate the framework's usefulness by conducting studies.
Downloads
Metrics
Article Details
This work is licensed under a Creative Commons Attribution 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.
References
KaipingXue ”RAAC: Robust and Auditable Access Control with Multiple Attribute Authorities for Public
Cloud Storage”, IEEE2016.
Z. Fu, K. Ren, J. Shu, X. Sun, and F. Huang, “Enabling personalized search over encrypted outsourced data
with efficiency improvement,” IEEE Transactions on Parallel & Distributed Systems, vol. 27, no. 9, pp. 2546–
, 2016.
Z. Fu, X. Sun, S. Ji, and G. Xie, “Towards efficient content-aware search over encrypted outsourced data in
cloud,” in in Proceedings of 2016 IEEE Conference on Computer Communications (INFOCOM 2016). IEEE,
, pp. 1–9.
K. Xue and P. Hong, “A dynamic secure group sharing framework in public cloud computing,” IEEE
Transactions on Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.
Y. Wu, Z. Wei, and H. Deng, “Attributebased access to scalable media in cloudassisted content sharing,” IEEE
Transactions on Multimedia, vol. 15, no. 4, pp. 778–788, 2013.
J. Hur, “Improving security and efficiency in attributebased data sharing,” IEEE Transactions on Knowledge
and Data Engineering, vol. 25, no. 10, pp. 2271– 2282, 2013.
J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,”
IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214–1221, 2011.
J. Hong, K. Xue, W. Li, and Y. Xue, “TAFC: Time and attribute factors combined access control on
timesensitive data in public cloud,” in Proceedings of 2015 IEEE Global Communications Conference
(GLOBECOM 2015). IEEE, 2015, pp. 1–6.
Y. Xue, J. Hong, W. Li, K. Xue, and P. Hong, “LABAC: A location-aware attributebased access control
scheme for cloud storage,” in Proceedings of 2016 IEEE Global Communications Conference (GLOBECOM
. IEEE, 2016, pp. 1–6.
A. Lewko and B. Waters, “Decentralizing attribute based encryption,” in Advances in Cryptology–
EUROCRYPT 2011. Springer, 2011, pp. 568–588