Abstract
Cloud computing offers a new way of service provision and will play an important role in the next generation mobile networks and services (in short 5G). Cloud data privacy and security protection is a crucial issue that impacts the success of cloud computing and may impede the development of 5G. Literature has proposed a number of cloud data access control schemes. However, existing solutions suffer from high computation complexity and cost and therefore few of them have been really deployed in practice. In this paper, we propose a practical scheme to securely access cloud data and effectively reduce access risk according to the reputations of cloud computing entities by applying proxy re-encryption in the situation that the data owner is not available online or does not know how to control the access. The advantages, security and performance of the proposed scheme are evaluated and justified through extensive analysis, security proof and implementation. The results show the efficiency and effectiveness of our scheme for practical deployment.
Similar content being viewed by others
References
Chow R et al (2009) Controlling data in the cloud: outsourcing computation without outsourcing control. Proc. of the ACM Workshop on Cloud Computing Security (CCS), pp 85–90
Kamara S, Lauter K (2010) Cryptographic cloud storage. Proc. of the International Conference on Financial Cryptograpy and Data Security (FC), pp 136–149
Liu Q, Tan C, Wu J, Wang G (2012) Efficient information retrieval for ranked queries in cost-effective cloud environments. Proc. of the IEEE International Conference on Computer Communications (INFOCOM), pp 2581–2585
Kallahalla M, Riedel E, Swaminathan R, Wang Q, Fu K (2003) Plutus: scalable secure file sharing on untrusted storage. Proc. of the USENIX Conference on File and Storage Technologies (FAST), pp 29–42
Goh E, Shacham H, Modadugu N, Boneh D (2003) Sirius, securing remote untrusted storage. Proc. of Network and Distributed Systems Security Symposium (NDSS), pp 131–145
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute based encryption. Proc. of the 2007 I.E. Symposium on Security and Privacy, pp 321–334
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. Proc. of the 13th ACM Conference on Computer and Communications Security, pp 89–98
Muller S, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. Proc. of the 11th Annual International Conference on Information Security and Cryptology, pp 20–36
Sahai A, Waters B (2005) Fuzzy identity-based encryption. in Proc. of 24th International Conference on the Theory and Application of Cryptographic Techniques, pp 457–473
Pirretti M, Traynor P, McDaniel P, Waters B (2010) Secure attribute based systems. J Comput Secur 18(5):799–837
Blaze M, Bleumer G, Strauss M (1998) Divertible protocols and atomic proxy cryptography. Proc. of International Conference on the Theory and Application of Cryptographic Techniques (EUROCRYPT), pp 127–144
Green M, Ateniese G (2007) Identity-based proxy re-encryption. Proc. of the International Conference on Applied Cryptography and Network Security (ACNS), pp 288–306
Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. Proc. of the IEEE International Conference on Computer Communications (INFOCOM), pp 534–542
Wang G, Liu Q, Wu J, Guo M (2011) Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput Secur 30(5):320–331
Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. Proc. of the ACM Symposium on Information, Computer and Communications Security (ASIACCS), pp 261–270
Yan Z (ed) (2010) Trust modeling and management in digital environments: from social concept to system development. IGI Global, USA
Yan Z (2008) A comprehensive trust model for component software. SecPerU’08, held in conjunction with International Conference on Pervasive Services, pp 1–6
Wang G, Liu Q, Wu J (2010) Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. Proc. of the 17th ACM Conference on Computer and Communications Security (Poster), pp 735–737
Zhou M, Mu Y, Susilo W, Yan J (2011) Piracy-preserved access control for cloud computing. Proc TrustCom 11:83–90
Ateniese G, Fu K, Green M, Hohenberger S (2005) Improved proxy re-encryption schemes with applications to secure distributed storage. Proc. of the 12th Annual Network and Distributed System Security Symposium, pp 29–43
Yan Z, Wang M, Niemi V, Kantola R (2013) Secure pervasive social networking based on multi-dimensional trust levels. Proc. of IEEE CNS2013, pp 100–108
Li M, Yu S, Zheng Y, Ren K, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143
Yan Z, Zhang P, Deng RH (2012) TruBeRepec: a trust-behavior-based reputation and recommender system for mobile applications. J Pers Ubiquit Comput Springer 16(5):485–506
Wan Z, Liu J, Deng RH (2012) HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Tran Info Forensics Secur 7(2):743–754
Yan Z (2013) Trust management in mobile environments – usable and autonomic models. IGI Global, USA
Reza Rahimi M, Ren J, Liu CH, Vasilakos AV, Venkatasubramanian N (2014) Mobile cloud computing: a survey, state of art and future directions. ACM/Springer MONET 19(2):133–143
Kumar K, Liu J, Lu Y-H, Bhargava B (2013) A survey of computation offloading for mobile systems. ACM/Springer MONET 18:129–140
Yan Z, Chen Y, Shen Y (2014) PerContRep: a practical reputation system for pervasive content services. Supercomputing, Springer 70(3):1051–1074
Acknowledgments
This work is sponsored by the PhD grant (JY0300130104) of Chinese Educational Ministry, the initial grant of Chinese Educational Ministry for researchers from abroad (JY0600132901), the grant of Shaanxi Province for excellent researchers from abroad (680 F1303) and Aalto University.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Yan, Z., Li, X. & Kantola, R. Controlling Cloud Data Access Based on Reputation. Mobile Netw Appl 20, 828–839 (2015). https://doi.org/10.1007/s11036-015-0591-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11036-015-0591-6