Skip to main content
SpringerLink
Log in

SAPDS: self-healing attribute-based privacy aware data sharing in cloud

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Armbrust M et al (2010) A view of cloud computing. Commun ACM 53:50–58

    Article  Google Scholar 

  2. Kondo D, Javadi B, Malecot P, Cappello F, Anderson DP (2009) Cost-benefit analysis of cloud computing versus desktop grids. In: Proceedings of the 2009 IEEE international symposium on parallel&distributed processing. IEEE Computer Society, Washington, DC, pp 1–12

    Chapter  Google Scholar 

  3. Assunção MD, Costanzo A, Buyya R (2010) A cost-benefit analysis of using cloud computing to extend the capacity of clusters. Clust Comput 13:335–347

    Article  Google Scholar 

  4. Amazon Web Services LLC, Amazon Simple Storage Service (2009). http://aws.amazon.com/s3/

  5. Amazon Web Services LLC, Amazon Elastic Compute Cloud (2009). http://aws.amazon.com/ec2/

  6. Wood T, Gerber A, Ramakrishnan KK, Shenoy P, Van der Merwe J (2009) The case for enterprise-ready virtual private clouds. In: Proceedings of the 2009 conference on Hot topics in cloud computing, Berkeley, CA, USA, HotCloud’09, USENIX Association, p 4

  7. Head MR, Sailer A, Shaikh H, Shea DG (2010) Towards self-assisted troubleshooting for the deployment of private clouds. In: Proceedings of the 2010 IEEE 3rd international conference on cloud computing, CLOUD ’10. IEEE Computer Society, Washington, DC, pp 156–163

    Chapter  Google Scholar 

  8. Gartner Rating 2011. http://www.gartner.com/it/page.jsp?id=1454221

  9. Naghshineh M et al (2009) Ibm research division cloud computing initiative. IBM J Res Dev 53:499–508

    Article  Google Scholar 

  10. Pearson S (2009) Taking account of privacy when designing cloud computing services. In: Proceedings of the 2009 ICSE workshop on software engineering challenges of cloud computing, CLOUD ’09. IEEE Computer Society, Washington, DC, pp 44–52

    Chapter  Google Scholar 

  11. Jaeger T, Schiffman J (2010) Outlook: Cloudy with a chance of security challenges and improvements. IEEE Secur Priv 8:77–80

    Google Scholar 

  12. Ristenpart T, Tromer E, Shacham H, Savage S (2009) Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: Proceedings of the 16th ACM conference on computer and communications security, CCS ’09. ACM, New York, pp 199–212

    Chapter  Google Scholar 

  13. Michael B (2009) In clouds shall we trust? IEEE Secur Priv 7:3

    Article  Google Scholar 

  14. Kaufman LM (2009) Data security in the world of cloud computing. IEEE Secur Priv 7:61–64

    Article  Google Scholar 

  15. Pearson S, Charlesworth A (2009) Accountability as a way forward for privacy protection in the cloud. In: Proceedings of the 1st international conference on cloud computing, CloudCom ’09. Springer, Berlin, pp 131–144

    Google Scholar 

  16. U.S. Department of Health and Human Services, http://www.hhs.gov/ocr/privacy/ (2003) Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule

  17. Yekhanin S (2010) Private information retrieval. Commun ACM 53:68–73

    Article  Google Scholar 

  18. Goh E-J, Shacham H, Modadugu N, Boneh D (2006) Sirius: Securing remote untrusted storage. In: Proceedings of the fifth workshop on the economics of information security (WEIS 2006)

    Google Scholar 

  19. Geron E, Wool A (2009) Crust: cryptographic remote untrusted storage without public keys. Int J Inf Secur 8:357–377

    Article  Google Scholar 

  20. Fu K, Kamara S, Kohno T (2006) Key regression: Enabling efficient key distribution for secure distributed storage. In: Proc. network and distributed systems security symposium (NDSS)

    Google Scholar 

  21. Backes M, Oprea A (2005) Lazy revocation in cryptographic file systems. In: Proceedings of the third IEEE international security in storage workshop. IEEE Computer Society, Washington, DC, pp 1–11

    Chapter  Google Scholar 

  22. Benaloh J, Chase M, Horvitz E, Lauter K (2009) Patient controlled encryption: ensuring privacy of electronic medical records. In: Proceedings of the 2009 ACM workshop on cloud computing security, CCSW ’09. ACM, New York, pp 103–114

    Chapter  Google Scholar 

  23. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE symposium on security and privacy, SP ’07. IEEE Computer Society, Washington, DC, pp 321–334

    Google Scholar 

  24. Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9:1–30

    Article  Google Scholar 

  25. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the 29th conference on information communications, INFOCOM’10. IEEE Press, Piscataway, pp 534–542

    Google Scholar 

  26. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, CCS ’06. ACM, New York, pp 89–98

    Chapter  Google Scholar 

  27. Kallahalla M, Riedel E, Swaminathan R, Wang Q, Fu K (2003) Plutus: Scalable secure file sharing on untrusted storage. In: Proceedings of the 2nd USENIX conference on file and storage technologies. USENIX Association, Berkeley, pp 29–42

    Google Scholar 

  28. di Vimercati SDC, Foresti S, Jajodia S, Paraboschi S, Samarati P (2007) Over-encryption: management of access control evolution on outsourced data. In: Proceedings of the 33rd international conference on very large data bases, VLDB Endowment, VLDB ’07, pp. 123–134

  29. Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM symposium on information, computer and communications security, ASIACCS ’10. ACM, New York, pp 261–270

    Chapter  Google Scholar 

  30. Brickell E, Li J (2007) Enhanced privacy id: a direct anonymous attestation scheme with enhanced revocation capabilities. In: Proceedings of the 2007 ACM workshop on privacy in electronic society, WPES ’07. ACM, New York, pp 21–30

    Chapter  Google Scholar 

  31. Jingmin He MW (2001) Cryptography and relational database management systems. In: Proceedings of the 2001 international symposium on database engineering & applications. IEEE Computer Society, Washington, DC, pp 273–284

    Google Scholar 

  32. Bethencourt J, Waters B, Sahai A Ciphertext-policy attribute-based encryption. http://acsc.cs.utexas.edu/cpabe/, accessed on Dec 10, 2010

  33. Menezes AJ, Oorschot PCV, Vanstone SA, Rivest RL (1997) Handbook of applied cryptography

    MATH  Google Scholar 

  34. Google App Engine—Run your web applications on Google’s infrastructure. http://code.google.com/appengine/

  35. Adams C, Farrell S (1999) Internet x.509 public key infrastructure certificate management protocols

  36. Shamir A (1979) How to share a secret. Commun ACM 22:612–613

    Article  MathSciNet  MATH  Google Scholar 

  37. Interpolating Polynomial The Wolfram Demonstrations Project. http://demonstrations.wolfram.com/InterpolatingPolynomial/

  38. Guo H, Viktor H, Paquet E (2011) Privacy disclosure and preservation in learning with multi-relational databases. J Comput Sci Eng 5(3):183–196

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Ubiquitous Computing Lab, Department of Computer Engineering, Kyung Hee University, Seocheon-dong, Giheung-gu, Yongin-si, Gyeonggi-do, 446-701, Republic of Korea

    Zeeshan Pervez, Asad Masood Khattak, Sungyoung Lee & Young-Koo Lee

Authors
  1. Zeeshan Pervez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Asad Masood Khattak
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sungyoung Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Young-Koo Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sungyoung Lee.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Pervez, Z., Khattak, A.M., Lee, S. et al. SAPDS: self-healing attribute-based privacy aware data sharing in cloud. J Supercomput 62, 431–460 (2012). https://doi.org/10.1007/s11227-011-0727-9

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-011-0727-9

Keywords

Search

Navigation