Enforcing Hidden Access Policy for Supporting Write Access in Cloud Storage Systems

Somchart Fugkeaw, Hiroyuki Sato

2017

Abstract

Ciphertext Policy Attribute-based Encryption (CP-ABE) is recognized as one of the most effective approaches to data access control in cloud computing, because it provides efficient key management based on the attributes of multiple users accessing shared data. However, one of the major drawbacks of CP-ABE is the privacy of policy content. Furthermore, the communication and computation cost at the data owner becomes very expensive when data is updated frequently, since the updated data must be re-encrypted and uploaded back to the cloud. From the policy privacy perspective, in CP-ABE based access control the access policy is usually applied to encrypt the plain data and is carried with the ciphertext. In a real-world system, policies may contain sensitive information that must be hidden from untrusted parties or even from the users of the system. This paper proposes a flexible and secure policy hiding scheme that supports policy content privacy and secure policy sharing in multi-authority cloud storage systems. To address the policy privacy issue, we introduce randomized hash-based public attribute key validation to cryptographically protect the content of the access policy and dynamically enforce hidden policies for collaborative users. In addition, we propose a write access enforcement mechanism based on the proxy re-encryption method to enable optimized and secure file re-encryption. Finally, we present the security analysis and compare the access control and policy hiding features of our scheme with those of related works. The analysis shows that our proposed scheme is secure and efficient in practice and that its cryptographic formulation for policy hiding is less complex than that of the related works.


Paper Citation


in Harvard Style

Fugkeaw S. and Sato H. (2017). Enforcing Hidden Access Policy for Supporting Write Access in Cloud Storage Systems. In Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-243-1, pages 558-564. DOI: 10.5220/0006349605580564

in Bibtex Style

@conference{closer17,
author={Somchart Fugkeaw and Hiroyuki Sato},
title={Enforcing Hidden Access Policy for Supporting Write Access in Cloud Storage Systems},
booktitle={Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER},
year={2017},
pages={558-564},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006349605580564},
isbn={978-989-758-243-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 7th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER
TI - Enforcing Hidden Access Policy for Supporting Write Access in Cloud Storage Systems
SN - 978-989-758-243-1
AU - Fugkeaw S.
AU - Sato H.
PY - 2017
SP - 558
EP - 564
DO - 10.5220/0006349605580564