CloudaSec: A Novel Public-key Based Framework to Handle Data Sharing Security in Clouds

Nesrine Kaaniche, Maryline Laurent, Mohammed El Barbori

2014

Abstract

Recent years have witnessed the trend of leveraging cloud-based services for large-scale content storage, processing, and distribution. Data security and privacy are among the top concerns for public cloud environments. To address these security challenges, we propose and implement the CloudaSec framework for securely sharing outsourced data via the public cloud. CloudaSec ensures the confidentiality of content in public cloud environments with flexible access control policies for subscribers and efficient revocation mechanisms. CloudaSec proposes several cryptographic tools for data owners, based on a novel content hash keying system, by leveraging Elliptic Curve Cryptography (ECC). The separation of subscription-based key management and confidentiality-oriented asymmetric encryption policies uniquely enables flexible and scalable deployment of the solution as well as strong security for outsourced data in cloud servers. Through experimental evaluation, we demonstrate the efficiency and scalability of CloudaSec, built upon an OpenStack Swift testbed.


Paper Citation


in Harvard Style

Kaaniche N., Laurent M. and El Barbori M. (2014). CloudaSec: A Novel Public-key Based Framework to Handle Data Sharing Security in Clouds. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 5-18. DOI: 10.5220/0005010600050018


in Bibtex Style

@conference{secrypt14,
author={Nesrine Kaaniche and Maryline Laurent and Mohammed El Barbori},
title={CloudaSec: A Novel Public-key Based Framework to Handle Data Sharing Security in Clouds},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={5-18},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005010600050018},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - CloudaSec: A Novel Public-key Based Framework to Handle Data Sharing Security in Clouds
SN - 978-989-758-045-1
AU - Kaaniche N.
AU - Laurent M.
AU - El Barbori M.
PY - 2014
SP - 5
EP - 18
DO - 10.5220/0005010600050018