ACAFD: Secure and Scalable Access Control with Assured File Deletion for Outsourced Data in Cloud

Sudha Senthilkumar, Madhu Viswanatham

Abstract


Cloud storage has emerged as a popular paradigm to outsource data to third party and share it with the collaborators. While this new paradigm enables users to outsource their sensitive data and reduces data management costs, it brings forth the new challenges to the user to keep their data secure. Data storage security and access control in the cloud is one of the challenging ongoing research works to alleviate the data leakage problem from unauthorized users. Existing solutions that use pure cryptographic techniques suffers from heavy computation work with respect to key management and key distribution.  Attribute based encryption is an alternative solution that map the user access structure with the data file attributes to control the data access. However any of the existing schemes doesn’t address the access control with assured deletion of the files upon revocation of user access. This article addresses this open issue using a trusted authority that manages the access control list and takes care of key management and key distribution and file deletion upon user revocation. The prototype of model has been presented and analyzed the security features over existing scheme.

Full Text:

PDF

References


ZipCloud, http://www.zipcloud.com (1 November 2013).

Amazon Simple Storage Service, http://aws.amazon.com/s3 (1 November 2013).

MyAsiaCloud, http://www.myasiacloud.com/ (1 September 2013).

GoogleDrive, https://drive.google.com (1 September 2013).

di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S. & Samarati, P., A Data Outsourcing Architecture Combining Cryptography and Access Control, Proc. ACM Workshop on Computer Security Architecture (CSAW’07), USA, Nov 2007.

Thomas, K., PCWorld, Microsoft Cloud Data Breach Heralds Things to Come, http://www.pcworld.com/article/214775/microsoft_cloud_data_ breach_sign_of_future.html (1 November 2013).

Deltcheva, R., Apple, AT&T Data Leak Protection Issues Latest in Cloud Failures, http://www.messagingarchitects.com/resources/security-compli ance-news/email-security/apple-att-data-leak-protection-issues-latest-in-cloud-failures19836720.html (1 November 2013).

Yu, S., Wang, C., Ren, K., Lou, W., Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing, in Proc. IEEE INFOCOM 2010, San Diego, CA, pp. 534-542, 2010.

Wan, Z., Liu, J. & Deng, R.H., HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing, In Proc. IEEE Transcations on Information Forensics and Security, 7(2), April 2012.

Hota, C., Sanka, S., Rajarajan, M. & Nair, S.K., Capability-based Cryptographic Data Access Control in Cloud Computing, International Journal of Advanced Networking and Applications, 3(3), pp. 1152-1161, 2011.

Tang, Y., Lee, P.P.C, Lui, J.C.S. & Perlman, R., FADE: Secure Overlay Cloud Storage with File Assured Deletion, IEEE Transcations Dependable on Secure Computing, 9(6), 2012.

Blaze, M., Bleumer, G. & Strauss, M., Divertible Protocols and Atomic Proxy Cryptography, in Proc. of EUROCRYPT ’98, 1998.

Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q. & Fu, K., Scalable Secure File Sharing on Untrusted Storage, in Proc. of FAST ’03, 2003.

Yun, A., Shi, C. & Kim, Y., On Protecting Integrity and Confidentiality of Cryptographic File System for Outsourced Storage, In ACM Cloud Computing Security Workshop (CCSW), Chicago, Illinois, USA, Nov. 2009

Goh, E., Shacham, H., Modadugu, N. & Boneh, D., Sirius: Securing Remote Untrusted Storage, Proc. Network and Distributed Systems Security Symposium (NDSS’03), San Diego, California, USA, pp. 131-145, 2003

di Vimercati, S.D.C., Foresti, S., Jajodia, S., Samarati, P. & Paraboschi, S., Over-encryption: Management of Access Control Evoluation on Outsourced Data, Proc. 33rd International Conference on Very Large Databases (VLDB’07), Vienna, Austria, pp. 123-134, 2007

William Stallings, Cryptography and Network Security, Prentice Hall Upper Saddle River, N.J., 2006.

Perlman, R., File System Design with Assured Delete, In ISOC NDSS, 2007.

Shamir, A., How to Share a Secret, Communication of the ACM, 22(11), pp. 612-613, Nov 1979.




DOI: http://dx.doi.org/10.5614%2Fitbj.ict.res.appl.2014.8.1.2

Refbacks

  • There are currently no refbacks.


Contact Information:

ITB Journal Publisher, LPPM – ITB, 

Center for Research and Community Services (CRCS) Building Floor 7th, 
Jl. Ganesha No. 10 Bandung 40132, Indonesia,

Tel. +62-22-86010080,

Fax.: +62-22-86010051;

e-mail: jictra@lppm.itb.ac.id.