Abstract
As cloud storage becomes more common, data security is an increasing concern. In this paper, we propose a new approach to control access to the user’s data stored in the cloud with the state-of-the-arts decentralized blockchain technology. In general, an access control solution for cloud data involves three components: authentication, authorization and auditing. It is expensive for the cloud server to ensure authentication, authorization and auditing for access control of the user’s data in cloud computing environment. In addition, it is hard to prevent the malicious cloud server from access to the user’s data and disclose the user’s privacy. Our approach distributes the access control tasks for authentication, authorization and auditing to a network of nodes like bitcoin. In particular, we keep the auditing records in the transparent blockchain. In addition, we employ the Shamir secret sharing scheme to manage the encryption key for cloud users.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Crypto++ 6.0.0 Benchmarks. https://www.cryptopp.com/benchmarks.html
Daemen, J., Rijmen, V.: Rijndael, the advanced encryption standard. Dr. Dobb’s J. 26(3), 137–139 (2001)
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001)
Freier, A., Karlton, P., Kocher, P.: The secure sockets layer (SSL) protocol version 3.0, No. RFC 6101 (2011). https://tools.ietf.org/html/rfc6101
Mega Homepage. https://mega.nz
Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: FairAccess: a new Blockchain-based access control framework for the Internet of Things. Secur. Commun. Netw. 9(18), 5943–5964 (2016)
Ouaddah, A., Elkalam, A.A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Rocha, Á., Serrhini, M., Felgueiras, C. (eds.) Europe and MENA Cooperation Advances in Information and Communication Technologies. Advances in Intelligent Systems and Computing, vol. 520, pp. 523–533. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-46568-5_53
National Institute of Standards and Technology (NIST). FIPS 180–2: Secure Hash Standard (SHS), Current version of the Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512) (2004)
Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32(9), 40–48 (1994)
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Spideroak Homepage. https://spideroak.com
Swan, M.: Blockchain: Blueprint for a New Economy. O’Reilly Media Inc., Sebastopol (2015)
Zheng, Z., Xie, S., Dai, H.N., Wang, H.: Blockchain challenges and opportunities: A survey. Work Pap. (2016). http://inpluslab.sysu.edu.cn/?les/blockchain/blockchain.pdf
Zyskind, G., Nathan, O.: Decentralizing privacy: using blockchain to protect personal data. In: Security and Privacy Workshops (SPW), 2015 IEEE, pp. 180–184. IEEE (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Guo, J., Yang, W., Lam, KY., Yi, X. (2019). Using Blockchain to Control Access to Cloud Data. In: Guo, F., Huang, X., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2018. Lecture Notes in Computer Science(), vol 11449. Springer, Cham. https://doi.org/10.1007/978-3-030-14234-6_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-14234-6_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-14233-9
Online ISBN: 978-3-030-14234-6
eBook Packages: Computer ScienceComputer Science (R0)