Decentralized access control with anonymous authentication of data stored in clouds

IEEE Transactions on Parallel and Distributed Systems

Volumn 25, Issue 2, 2014, Pages 384-394

  Ruj, Sushmita ^a   Stojmenovic, Milos ^b   Nayak, Amiya ^c  

^a INDIAN STATISTICAL INSTITUTE   (India)

^b SINGIDUNUM UNIVERSITY   (Serbia)

^c UNIVERSITY OF OTTAWA   (Canada)

Author keywords

Access control; attribute based encryption; attribute based signatures; authentication; cloud storage

Indexed keywords

CLOUD STORAGE; CRYPTOGRAPHY;

ACCESS CONTROL SCHEMES; ANONYMOUS AUTHENTICATION; ATTRIBUTE-BASED ENCRYPTIONS; ATTRIBUTE-BASED SIGNATURES; AUTHENTICATION OF DATA; CLOUD STORAGES; DECENTRALIZED ACCESS CONTROL; SECURE DATA STORAGE; STORAGE IN CLOUDS; USER IDENTITY;

AUTHENTICATION;

EID: 84891761004     PISSN: 10459219     EISSN: None     Source Type: Journal    
DOI: 10.1109/TPDS.2013.38     Document Type: Article

References (39)

1. S. Ruj, M. Stojmenovic, and A. Nayak, Privacy Preserving Access Control with Authentication for Securing Data in Clouds, Proc. IEEE/ACM Int'l Symp. Cluster, Cloud and Grid Computing, pp. 556-563, 2012.
2. C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou, Toward Secure and Dependable Storage Services in Cloud Computing, IEEE Trans. Services Computing, vol. 5, no. 2, pp. 220-232, Apr.-June 2012.
3. J. Li, Q. Wang, C. Wang, N. Cao, K. Ren, and W. Lou, Fuzzy Keyword Search Over Encrypted Data in Cloud Computing, Proc. IEEE INFOCOM, pp. 441-445, 2010.
4. S. Kamara and K. Lauter, Cryptographic Cloud Storage, Proc. 14th Int'l Conf. Financial Cryptography and Data Security, pp. 136-149, 2010.
5. H. Li, Y. Dai, L. Tian, and H. Yang, Identity-Based Authentication for Cloud Computing, Proc. First Int'l Conf. Cloud Computing (CloudCom), pp. 157-166, 2009.
6. C. Gentry, A Fully Homomorphic Encryption Scheme, PhD dissertation, Stanford Univ., http://www.crypto.stanford.edu/craig, 2009.
7. A.-R. Sadeghi, T. Schneider, and M. Winandy, Token-Based Cloud Computing, Proc. Third Int'l Conf. Trust and Trustworthy Computing (TRUST), pp. 417-429, 2010.
8. R.K.L. Ko, P. Jagadpramana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang, and B.S. Lee, Trustcloud: A Framework for Accountability and Trust in Cloud Computing, HP Technical Report HPL-2011-38, http://www.hpl.hp.com/ techreports/2011/HPL-2011-38.html, 2013.
9. R. Lu, X. Lin, X. Liang, and X. Shen, Secure Provenance: The Essential of Bread and Butter of Data Forensics in Cloud Computing, Proc. Fifth ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp. 282-292, 2010.
10. D.F. Ferraiolo and D.R. Kuhn, Role-Based Access Controls, Proc. 15th Nat'l Computer Security Conf., 1992.
11. D.R. Kuhn, E.J. Coyne, and T.R. Weil, Adding Attributes to Role-Based Access Control, IEEE Computer, vol. 43, no. 6, pp. 79-81, June 2010.
12. M. Li, S. Yu, K. Ren, and W. Lou, Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-Owner Settings, Proc. Sixth Int'l ICST Conf. Security and Privacy in Comm. Networks (SecureComm), pp. 89-106, 2010.
13. S. Yu, C. Wang, K. Ren, and W. Lou, Attribute Based Data Sharing with Attribute Revocation, Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp. 261-270, 2010.
14. G. Wang, Q. Liu, and J. Wu, Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Storage Services, Proc. 17th ACM Conf. Computer and Comm. Security (CCS), pp. 735-737, 2010.
15. F. Zhao, T. Nishide, and K. Sakurai, Realizing Fine-Grained and Flexible Access Control to Outsourced Data with Attribute-Based Cryptosystems, Proc. Seventh Int'l Conf. Information Security Practice and Experience (ISPEC), pp. 83-97, 2011.
16. S. Ruj, A. Nayak, and I. Stojmenovic, DACC: Distributed Access Control in Clouds, Proc. IEEE 10th Int'l Conf. Trust, Security and Privacy in Computing and Communications (TrustCom), 2011.
17. http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-cs-01-en.pdf, 2013.
18. http://securesoftwaredev.com/2012/08/20/xacml-in-the-cloud, 2013.
19. S. Jahid, P. Mittal, and N. Borisov, EASiER: Encryption-Based Access Control in Social Networks with Efficient Revocation, Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), 2011.
20. R.L. Rivest, A. Shamir, and Y. Tauman, How to Leak a Secret, Proc. Seventh Int'l Conf. Theory and Application of Cryptology and Information Security (ASIACRYPT), pp. 552-565, 2001. (Pubitemid 33371206)
21. X. Boyen, Mesh Signatures, Proc. 26th Ann. Int'l Conf. Advances in Cryptology (EUROCRYPT), pp. 210-227, 2007.
22. D. Chaum and E.V. Heyst, Group Signatures, Proc. Ann. Int'l Conf. Advances in Cryptology (EUROCRYPT), pp. 257-265, 1991.
23. H.K. Maji, M. Prabhakaran, and M. Rosulek, Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance, IACR Cryptology ePrint Archive, 2008.
24. H.K. Maji, M. Prabhakaran, and M. Rosulek, Attribute-Based Signatures, Topics in Cryptology-CT-RSA, vol. 6558, pp. 376-392, 2011.
25. A. Beimel, Secure Schemes for Secret Sharing and Key Distribution, PhD thesis, Technion, Haifa, 1996.
26. A. Sahai and B. Waters, Fuzzy Identity-Based Encryption, Proc. Ann. Int'l Conf. Advances in Cryptology (EUROCRYPT), pp. 457-473, 2005. (Pubitemid 41313969)
27. V. Goyal, O. Pandey, A. Sahai, and B. Waters, Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data, Proc. ACM Conf. Computer and Comm. Security, pp. 89-98, 2006. (Pubitemid 47131359)
28. J. Bethencourt, A. Sahai, and B. Waters, Ciphertext-Policy Attribute-Based Encryption, Proc. IEEE Symp. Security and Privacy, pp. 321-334, 2007. (Pubitemid 47432538)
29. X. Liang, Z. Cao, H. Lin, and D. Xing, Provably Secure and Efficient Bounded Ciphertext Policy Attribute Based Encryption, Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), pp 343-352, 2009.
30. M. Chase, Multi-Authority Attribute Based Encryption, Proc. Fourth Conf. Theory of Cryptography (TCC), pp. 515-534, 2007.
31. H. Lin, Z. Cao, X. Liang, and J. Shao, Secure Threshold Multi-Authority Attribute Based Encryption without a Central Authority, Proc. Progress in Cryptology Conf. (INDOCRYPT), pp. 426-436, 2008.
32. M. Chase and S.S.M. Chow, Improving Privacy and Security in Multi-Authority Attribute-Based Encryption, Proc. ACM Conf. Computer and Comm. Security, pp. 121-130, 2009.
33. M. Green, S. Hohenberger, and B. Waters, Outsourcing the Decryption of ABE Ciphertexts, Proc. USENIX Security Symp., 2011.
34. K. Yang, X. Jia, and K. Ren, DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems, IACR Cryptology ePrint Archive, p. 419, 2012.
35. A.B. Lewko and B. Waters, Decentralizing Attribute-Based Encryption, Proc. Ann. Int'l Conf. Advances in Cryptology (EUROCRYPT), pp. 568-588, 2011.
36. http://crypto.stanford.edu/pbc/, 2013.
37. Libfenc: The Functional Encryption Library,http://code. google.com/p/libfenc/, 2013.
38. W. Wang, Z. Li, R. Owens, and B. Bhargava, Secure and Efficient Access to Outsourced Data, Proc. ACM Cloud Computing Security Workshop (CCSW), 2009.
39. J. Hur and D. Kun Noh, Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems, IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, July 2011. Canada