DocumentCode :
1756623
Title :
Fuzzy Authorization for Cloud Storage
Author :
Shasha Zhu ; Guang Gong
Author_Institution :
Dept. of R&D Team, UXP Syst. Inc., Toronto, ON, Canada
Volume :
2
Issue :
4
fYear :
2014
fDate :
Oct.-Dec. 1 2014
Firstpage :
422
Lastpage :
435
Abstract :
By leveraging and modifying ciphertext-policy attribute based encryption (CP-ABE) and OAuth, we propose a new authorization scheme, called fuzzy authorization, to facilitate an application registered with one cloud party to access data residing in another cloud party. The new proposed scheme enables the fuzziness of authorization to enhance the scalability and flexibility of file sharing by taking advantage of the one-to-one correspondence between linear secret-sharing scheme (LSSS) and generalized Reed Solomon (GRS) code. Furthermore, by conducting attribute distance checking and distance adjustment, operations like sending attribute sets and satisfying an access tree are eliminated. In addition, the automatic revocation is realized with update of TimeSlot attribute when data owner modifies the data. The security of the fuzzy authorization is proved under the d-BDHE assumption. In order to measure and estimate the performance of our scheme, we have implemented the protocol flow of fuzzy authorization with OMNET++ 4.2.2 and realized the cryptographic part with pairing-based cryptography (PBC) library. Experimental results show that fuzzy authorization can achieve fuzziness of authorization among heterogeneous clouds with security and efficiency.
Keywords :
Reed-Solomon codes; authorisation; cloud computing; cryptography; fuzzy set theory; peer-to-peer computing; CP-ABE; GRS code; OAuth; OMNET++ 4.2.2; TimeSlot attribute; attribute distance adjustment; attribute distance checking; ciphertext-policy attribute based encryption; cloud storage; d-BDHE; file sharing; fuzzy authorization; generalized Reed Solomon code; linear secret-sharing scheme; pairing-based cryptography; Authorization; Cloud computing; Data storage; Encryption; Fuzzy methods; Scalability; Access control; attribute based encryption; ciphertext-policy; cloud storage; fuzzy authorization; generalized Reed-Solomon code; privacy; security;
fLanguage :
English
Journal_Title :
Cloud Computing, IEEE Transactions on
Publisher :
ieee
ISSN :
2168-7161
Type :
jour
DOI :
10.1109/TCC.2014.2338324
Filename :
6853321
Link To Document :
بازگشت