Framework for securing data in cloud storage services

Nowadays, users rely on cloud storage as it offers cheap and unlimited data storage that is available for use by multiple devices (e.g. smart phones, notebooks, etc.). Although these cloud storage services offer attractive features, many customers are not adopting them, since data stored in these services is under the control of service providers and this makes it more susceptible to security risks. Therefore, in this paper, we addressed the problem of ensuring data confidentiality against cloud and against accesses beyond authorized rights by designing a secure cloud storage system framework that simultaneously achieves data confidentiality and fine-grained access control on encrypted data. This framework is built on a trusted third party (TTP) service that can be employed either locally on users´ machine or premises, or remotely on top of cloud storage services for ensuring data confidentiality. Furthermore, this service combines multi-authority ciphertext policy attribute-based encryption (MA-CP-ABE) and attribute-based Signature (ABS) for achieving many-read-many-write fine-grained data access control on storage services. Last but not least, we validate the effectiveness of our design by carrying out a security analysis.