Abstract
With analyzing cloud storage data security requirements, in this paper we focus on data privacy protection in cloud storage, and proposed a measure to optimize the efficiency of access control in cryptographic cloud storage. For the main users that use cloud storage services are enterprise and the community users, they have the characteristics in common that they manage their data access rights by the mode of hierarchical classification. Because of this, combined ciphertext policy attribute-based encryption (CP-ABE) algorithm and hierarchical identity-based encryption (HIBE) algorithm, we proposed to identify users by both precise identity and attribute in the process of making data access control strategy, and use hierarchy when generate keys. The advantage of this is that it can effectively protect the data privacy in cloud storage, and support precise identity and attribute access control, and fine-grained access. Furthermore, for the purpose of reducing cost of access cloud storage, we proposed an efficiency access control optimizing technique based on local agency, which can replace users to complete the ciphertext access control related operations, and cache frequently accessed data, effectively reduce the impact of using the ciphertext access control mechanisms. Experiments show that the scheme can reduce additional cost of cloud storage data protection, and suitable for using in actual scenes of cloud storage.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
iResearch: China Cloud Storage Industry and User Behavior Research Report. http://report.iresearch.cn/1763.html
Borgmann, M., Hahn, T., Herfert, M.: On the security of cloud storage services. http://www.sit.fraunhofer.de/content/dam/sit/en/studies/Cloud-Storage-ecurity_a4.pdf
Shi, X.: The Core of Cloud Storage is Information Security, pp. 107–108. China Information Security, Beijing (2013)
Mather, T., Kumaraswamy, S., Latif, S.: Cloud Security and Privcy. O’Reilly, Media, Inc., Houston (2009)
Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 136–149. Springer, Heidelberg (2010)
Zhang, R., Chen, P.: A dynamic cryptographic access control scheme in cloud storage services. In: Proceedings of the 8th International Conference on Computing and Networking Technology, pp. 50–55. IEEE Press, New York (2012)
Lv, Z., Zhang, M., Feng, D.: Cryptographic access control scheme for cloud storage. Jisuanji Kexue yu Tansuo, pp. 835–844. Computer Research and Development, Beijing (2011)
Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007)
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography, pp. 53–70. Taormina, Italy (2011)
Goyal, V., Pandey, O., Sahai, A.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM Press, New York (2006)
Yu, S., Wang, C., Ren, K.: Achieving secure, scalable and fine-grained data access control in cloud computing. In: Proceedings of the IEEE INFOCOM 2010, pp. 19. IEEE Press, New York (2010)
SNIA: Cloud Data Management Interface (CDMI). http://snia.org/sites/default/files/CDMI%20v1.0.2.pdf
Bethencourt, J., Sahai, A., Waters, B.: Advanced crypto software collection ciphertext–policy attribute–based encryption. http://acsc.cs.utexas.edu/cpabe/
Plank, J.S., Simmerman, S., Schuman, C.D.: Jerasure: A library in C/C++ facilitating erasure coding for storage applications – version 1.2. http://web.eecs.utk.edu/~plank/plank/papers/CS-08-627.html
Acknowledgments
This research was financially supported by the Science Foundation of Education Department of Liaoning Province (No. L2014533). We thank for their support.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Zhu, S., Jiang, L., Zhou, Z. (2015). An Efficient Access Control Optimizing Technique Based on Local Agency in Cryptographic Cloud Storage. In: Huang, Z., Sun, X., Luo, J., Wang, J. (eds) Cloud Computing and Security. ICCCS 2015. Lecture Notes in Computer Science(), vol 9483. Springer, Cham. https://doi.org/10.1007/978-3-319-27051-7_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-27051-7_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27050-0
Online ISBN: 978-3-319-27051-7
eBook Packages: Computer ScienceComputer Science (R0)