Privacy-Preserving and Scalable Data Access Control Based on Self-sovereign Identity Management in Large-Scale Cloud Storage

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 12382)

Abstract

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can realize fine-grained access control through data encryption in an untrusted environment and has thus become a promising data security mechanism for outsourced cloud storage. Although the CP-ABE scheme with a single attribute authority (AA) has been extended to multi-AA and threshold multi-AA schemes to address the single-point bottleneck in both security and performance in large-scale cloud storage, management of identity attributes still depends on a trusted center, which leaves the scalability of user attribute revocation unresolved in large-scale cloud or cross-cloud access. To solve this problem, the proposed scheme combines blockchain-based self-sovereign identity management (BbSSIM) technology with threshold CP-ABE to achieve access control based on self-sovereign identity, which removes trusted intermediaries in a decentralized and trustless environment. Besides offering good scalability, the attribute revocation, key generation and data access processes all keep the user anonymous, so the user's privacy is well protected.

Notes

  1. Uport: Open Identity System for The Decentralized Web, https://www.uport.me, last accessed 2020/5/12.

  2. Shocard: Secure Enterprise Identity Authentication, https://shocard.com, last accessed 2020/5/12.

  3. Sovrin-Identity for All, https://sovrin.org, last accessed 2020/5/12.

Author information

Corresponding author

Correspondence to Min Xiao.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Xiao, M., Ma, Z., Li, T. (2021). Privacy-Preserving and Scalable Data Access Control Based on Self-sovereign Identity Management in Large-Scale Cloud Storage. In: Wang, G., Chen, B., Li, W., Di Pietro, R., Yan, X., Han, H. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2020. Lecture Notes in Computer Science, vol 12382. Springer, Cham. https://doi.org/10.1007/978-3-030-68851-6_1

  • DOI: https://doi.org/10.1007/978-3-030-68851-6_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-68850-9

  • Online ISBN: 978-3-030-68851-6

  • eBook Packages: Computer Science (R0)
