CryptCloud+
Secure and Expressive Data Access Control for Cloud Storage
Jianting Ning (National University of Singapore)
Zhenfu Cao (East China Normal University)
Xiaolei Dong (East China Normal University)
Kaitai Liang (Manchester Metropolitan University)
Lifei Wei (Shanghai Ocean University)
Kim Kwang Raymond Choo (The University of Texas at San Antonio)
More Info
expand_more
Abstract
Secure cloud storage, an emerging cloud service, guarantees the confidentiality of outsourced data while providing flexible data access control for cloud users whose data are out of their physical control. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is one of the promising secure mechanisms to support fine-grained access control on encrypted data in cloud settings. However, due to its inherent "all-or-nothing" decryption control characteristic, there is a risk for the misuse of access credentials. In this paper, we consider the two main types of access credential misuse, namely: semi-trusted authority's illegal access credential (re-)distribution, and cloud user's illegal access credential leakage. To mitigate these two types of access credential misuse, we propose the first accountable authority revokable CP-ABE based cloud storage system with white-box traceability and auditing, referred to as CryptCloud+. We also prove the security of our system and present the experimental results to demonstrate the utility of our system.
No files available
Metadata only record. There are no files for this record.