Privacy-preserved access control for cloud computing

Miao Zhou, Yi Mu, Willy Susilo, Man Ho Allen Au, Jun Yan

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

24 Citations (Scopus)

Abstract

The problem of access control on outsourced data to "honest but curious" cloud servers has received considerable attention, especially in scenarios involving potentially huge sets of data files, where re-encryption and re-transmission by the data owner may not be acceptable. Considering the user privacy and data security in cloud environment, in this paper, we propose a solution to achieve flexible and fine-grained access control on outsourced data files. In particular, we look at the problem of defining and assigning keys to users based on different attribute sets, and hiding access policies as well as users information to the third-party cloud servers. Our proposed scheme is partially based on our observation that, in practical application scenarios each user can be associated with a set of attributes which are meaningful in the access policy and data file context. The access policy can thus be defined as a logical expression formula over different attribute sets to reflect the scope of data file that the kind of users is allowed to access. As any access policy can be represented as such a logical expression formula, fine-grained access control can be accomplished.
Original languageEnglish
Title of host publicationProc. 10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. FCST 2011
Pages83-90
Number of pages8
DOIs
Publication statusPublished - 1 Dec 2011
Externally publishedYes
Event10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011 - Changsha, China
Duration: 16 Nov 201118 Nov 2011

Conference

Conference10th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications, TrustCom 2011, 8th IEEE Int. Conf. on Embedded Software and Systems, ICESS 2011, 6th Int. Conf. on Frontier of Computer Science and Technology, FCST 2011
CountryChina
CityChangsha
Period16/11/1118/11/11

Keywords

  • Access Control
  • Cloud Computing
  • Encryption

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software

Cite this