
Secure Data Access and Sharing Scheme for Cloud Storage

Wireless Personal Communications

Abstract

Cloud storage is a new storage mode that has emerged along with the development of the cloud computing paradigm. By migrating data to cloud storage, consumers are freed from building and maintaining private storage infrastructure, and they can enjoy the data storage service anywhere and anytime with high reliability and at a relatively low cost. However, security and privacy risks, especially to the confidentiality and integrity of data, seem to be the biggest hurdle to the adoption of cloud storage applications. In this paper, we consider the secure data access and sharing issues for cloud storage services. Based on the intractability of the discrete logarithm problem, we design a secure data access and data sharing scheme for cloud storage, where we utilize a user authentication scheme to deal with the data access problem. According to our analysis, under our scheme only a valid user with the correct password and biometric can access the cloud storage provider. Besides, authorized users can access the rightful resources and verify the validity of the shared data, but cannot transfer the permission to any other party. At the same time, the confidentiality and integrity of data can be guaranteed.

Acknowledgments

This work was supported by the National Natural Science Foundation of China under Grant Nos. 61300220, 61572013, 61572188, 61402528, and 61672295, the Scientific Research Fund of Hunan Provincial Education Department under Grant No. 16B089, and the China Postdoctoral Science Foundation Funded Project under Grant Nos. 2014M550590 and 2015T80035. Author Fan Wu is also supported by the Fujian Education and Scientific Research Program for Young and Middle-aged Teachers under Grant No. JA14369 and the University Distinguished Young Research Talent Training Program of Fujian Province (Year 2016).

Author information

Corresponding author

Correspondence to Jian Shen.

Cite this article

Li, X., Kumari, S., Shen, J. et al. Secure Data Access and Sharing Scheme for Cloud Storage. Wireless Pers Commun 96, 5295–5314 (2017). https://doi.org/10.1007/s11277-016-3742-6

  • DOI: https://doi.org/10.1007/s11277-016-3742-6
