  • DocumentCode
    1760764
  • Title
    DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems
  • Author
    Kan Yang ; Xiaohua Jia ; Kui Ren ; Bo Zhang ; Ruitao Xie
  • Author_Institution
    Dept. of Comput. Sci., Univ. of Sci. & Technol. of China, Hefei, China
  • Volume
    8
  • Issue
    11
  • fYear
    2013
  • fDate
    Nov. 2013
  • Firstpage
    1790
  • Lastpage
    1801
  • Abstract
    Data access control is an effective way to ensure data security in the cloud. However, due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Existing access control schemes are no longer applicable to cloud storage systems, because they either produce multiple encrypted copies of the same data or require a fully trusted cloud server. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising technique for access control of encrypted data. However, due to the inefficiency of decryption and revocation, existing CP-ABE schemes cannot be directly applied to construct a data access control scheme for multiauthority cloud storage systems, where users may hold attributes from multiple authorities. In this paper, we propose data access control for multiauthority cloud storage (DAC-MACS), an effective and secure data access control scheme with efficient decryption and revocation. Specifically, we construct a new multiauthority CP-ABE scheme with efficient decryption, and also design an efficient attribute revocation method that can achieve both forward security and backward security. We further propose an extensive data access control scheme (EDAC-MACS), which is secure under weaker security assumptions.
  • Keywords
    authorisation; cloud computing; cryptography; storage management; CP-ABE schemes; DAC-MACS; EDAC-MACS; backward security; ciphertext-policy attribute-based encryption; data access control for multiauthority cloud storage system; efficient attribute revocation method; extensive data access control scheme; forward security; trusted cloud server; Access control; Cloud computing; Encryption; Public key; Servers; Access control; CP-ABE; attribute revocation; decryption outsourcing; multiauthority cloud;
  • fLanguage
    English
  • Journal_Title
    Information Forensics and Security, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1556-6013
  • Type
    jour
  • DOI
    10.1109/TIFS.2013.2279531
  • Filename
    6585778