Authors: Mai Dahshan [1] and Sherif Elkassas [2]
Affiliations: [1] American University in Cairo, Egypt; [2] American University in Cairo, Egypt
Keyword(s): Cloud Storage, Cloud Security, Data Confidentiality, Fine Grained Access Control, Trusted Third Party.
Related Ontology Subjects/Areas/Topics: Access Control; Data and Application Security and Privacy; Data Engineering; Data Protection; Databases and Data Security; Information and Systems Security; Internet Technology; Security and Privacy in the Cloud; Web Information Systems and Technologies
Abstract: Nowadays, users rely on cloud storage as it offers cheap and unlimited data storage that is available for use by multiple devices (e.g. smart phones, notebooks, etc.). Although these cloud storage services offer attractive features, many customers are not adopting them, since data stored in these services is under the control of service providers, which makes it more susceptible to security risks. Therefore, in this paper, we address the problem of ensuring data confidentiality against the cloud and against accesses beyond authorized rights by designing a secure cloud storage system framework that simultaneously achieves data confidentiality and fine-grained access control on encrypted data. This framework is built on a trusted third party (TTP) service that can be employed either locally on users' machines or premises, or remotely on top of cloud storage services for ensuring data confidentiality. Furthermore, this service combines multi-authority ciphertext policy attribute-based encryption (MA-CP-ABE) and attribute-based signature (ABS) for achieving many-read-many-write fine-grained data access control on storage services. Last but not least, we validate the effectiveness of our design by carrying out a security analysis.