Elsevier

Computers & Security

Volume 42, May 2014, Pages 151-164
Computers & Security

Achieving an effective, scalable and privacy-preserving data sharing service in cloud computing

https://doi.org/10.1016/j.cose.2013.12.002Get rights and content

Abstract

Data sharing in the cloud, fueled by favorable trends in cloud technology, is emerging as a promising technique for allowing users to conveniently access data. However, the growing number of enterprises and customers who stores their data in cloud servers is increasingly challenging users' privacy and the security of data. This paper focuses on providing a dependable and secure cloud data sharing service that allows users dynamic access to their data. In order to achieve this, we propose an effective, scalable and flexible privacy-preserving data policy with semantic security, by utilizing ciphertext policy attribute-based encryption (CP-ABE) combined with identity-based encryption (IBE) techniques. In addition to ensuring robust data sharing security, our policy succeeds in preserving the privacy of cloud users and supports efficient and secure dynamic operations including, but not limited to, file creation, user revocation and modification of user attributes. Security analysis indicates that the proposed policy is secure under the generic bilinear group model in the random oracle model and enforces fine-grained access control, full collusion resistance and backward secrecy. Furthermore, performance analysis and experimental results show that the overheads are as light as possible.

Introduction

Cloud computing (Armbrust et al., 2009) is currently emerging as a technology in which cloud service providers (CSP) offer efficient data storage and computing facilities to a global client base. The only requirement for a user is a connected terminal. By employing a combination of virtualization techniques, service-oriented computing and other emerging technologies, cloud computing can be categorized into three types of “X as a service (XaaS)” pay-as-you-go services: the Platform as a Service (PaaS) model, e.g. Microsoft Azure (Mic), where users can deploy their own applications and tools to the cloud; Infrastructure as a Service (IaaS), e.g. Amazon EC2 (Ama), where users can utilize cloud services provided by the CSP to deploy arbitrary software; and Software as a Service (SaaS), e.g. Google App Engine (Goo), where users use applications provided by the CSP that run on the cloud infrastructure.

Storing data in the cloud offers users the convenience of access without requiring direct knowledge of the deployment and management of the hardware or infrastructure. Although cloud computing is much more powerful than personal computing, it brings new privacy and security challenges, as users relinquish control by outsourcing their data they no longer having physical possession of it. By having full access to cloud services, users' data are exposed to a variety of threats and malicious attacks and cases of security breaches occur frequently (Arrington, 2006). For example, some clouds may be unfaithful to data confidentiality for monetary reasons; confidential information may be disclosed to business competitors; or the CSP may conceal data loss to maintain their reputation (Shah et al., 2007). In summary, although cloud computing is economically attractive to consumers and enterprises by offering users large-scale data sharing, it does not guarantee users privacy and data security.

Data owners demand high levels of security and confidentiality when they outsource their data to a cloud; although they usually encrypt their data when storing it in a cloud server, they still want control over it, for example, if they frequently update it (Erway et al., 2009, Ateniese et al., 2008). Direct employment of traditional cryptographic primitives cannot achieve the data security required. Thus, a considerable amount of work has recently been directed towards ensuring the privacy and security of remotely stored shared data using a variety of systems and security models (Yu et al., 2010a, Wang et al., 2010). These have mainly focused on preserving users' privacy while realizing desired security goals, without introducing excessively high levels of complexity to the users at the decryption stage. To solve these issues, researchers have either utilized key-policy attribute-based encryption (KP-ABE) for secure access control or employed hierarchical identity-based encryption (HIBE) for data security. Yu et al. (2010a) were the first team to achieve secure data access control with provable security in cloud computing using KP-ABE. However, by revealing some of the users' attributes to cloud, these systems were unable to fully preserve users' privacy. Conversely, the HIBE-based scheme (Wang et al., 2010) utilizes hierarchical encryption to ensure data security in a cloud, but this introduces too many private keys for each user to be managed efficiently. In summary, these schemes either have privacy flaws or provide security at the expense of performance; therefore, the challenge of achieving the dual goals of privacy-preserving with effective cloud data sharing remains unresolved.

To realize an effective, scalable and privacy-preserving data sharing service in cloud computing, the following challenges need to be met: firstly, data owners should be able to assign other cloud users with different access privileges to their data; secondly, the cloud needs to be able to support dynamic requests so that data owners can add or revoke access privileges to other users allowing them to create or delete their data; thirdly, the users' privacy must be protected against the cloud so that they can conceal their private information while accessing the cloud; finally, users should be able to access shared data in the cloud through connected technologies with low computing ability, such as smartphones and tablets. To date, solving these important areas in cloud computing remains elusive.

In this paper, we propose an effective, scalable and flexible privacy-preserving data sharing scheme in the cloud, that ensures both semantic security and effective availability of user data. To preserve privacy and guarantee data confidentiality against the cloud, the scheme employs a cryptographic primitive, named cipher-text policy attribute-based encryption (CP-ABE) and combines it with an identity-based encryption (IBE) technique; each data file is described by a set of meaningful attributes, allowing each user to be assigned an access structure that defines the scope of data files they can have access to. To enforce these access structures, this scheme defines a public-private key pair for each attribute. For each user' secret key, it is a combination of user's ID (i.e., user's public key) and the attribute's secret key, thereby ensuring that each attribute presents a different key to each user. Data files are encrypted by public key components and access matrices converted from the access structure; user secret keys are defined to reflect their access privileges so that a user can only decrypt a ciphertext if they have the matched attributes to satisfy the ciphertext. To resolve the challenging issues of collusion resistance, our scheme provides users with a public key fitted to their secret keys; we use user's ID (public key) to “tie” together the attributes belonging to this user so that they cannot be successfully combined with another's user's attributes. To protect user privacy, our scheme does not need to update user secret key so that it prevents cloud access user access structure. To reduce the key management issue, the data owner simply assigns secret keys to users via the cloud.

Compared to previous schemes, our proposed scheme provides the benefits of security and efficiency: 1) the cloud can learn nothing about a user's privacy or access structure, as such the scheme is fully collusion resistant; 2) all extended operations, including user revocation, can only affect the current file or user without involving key updates. Therefore, the main contributions of this paper can be summarized as follows:

  • 1.

    Our scheme proposes effective, scalable encryption for a cloud data sharing service that simultaneously achieves full privacy-preserving, collusion resistance and data confidentiality.

  • 2.

    We prove that the proposed scheme provides semantic security for data sharing in cloud computing through the random oracle under the generic bilinear group model (Boneh et al., 2005). Furthermore, our scheme simultaneously enforces fine-grandness, backward secrecy and access privilege confidentiality.

  • 3.

    The performance analysis indicates that our scheme only incurs a small overhead compared to existing schemes; meanwhile, the experimental results demonstrate that the overheads are as light as possible.

The remainder of this paper is organized as follows: Section 2 discusses related works; Section 3 introduces the system model, adversary model, security requirements and our design goal; Section 4 provides the details of our scheme; Section 5 shows how our scheme can support file creation/deletion, user addition/revocation and modification of user attributes; Sections 6 Security analysis, 7 Performance analysis analyze the security and performance of our scheme, respectively; finally, Section 8 provides the concluding remarks of the paper.

Section snippets

Related work

The concept of identity-based encryption (IBE) was proposed by Shamir (1985); however, a full IBE scheme was not developed until 2001 (Boneh and Franklin, 2001, Cocks, 2001). IBE is a public-key cryptosystem (PKC) in which the public key assigned to each unique user is an arbitrary string similar to a user ID or email address; and a trusted third party, called the private key generator (PKG), calculates the corresponding private key. Compared to a traditional PKC, the IBE scheme eliminates the

System model

Our system model, as shown in Fig. 1, necessitates four parties in a network: The data owner; who has data stored in the cloud and depends on the cloud for data maintenance. Data owner can be enterprises or individual customers. The data consumer; who accesses the data shared by the data owner, downloads data of interest and decrypts it using his secret keys (for brevity, data consumers are referred to as users in this paper). The cloud server (CS); provides a high-quality service utilizing a

The proposed scheme

In order to improve privacy and security for data sharing in cloud computing, we propose a scheme that combines CP-ABE (Bethencourt et al., 2007) and IBE (Shamir, 1985). Based on ABE, we choose two random exponents for every attribute, while the proposed scheme introduces a hash function that maps user IDs to group elements in the algorithm of key generation and decryption. Table 1 shows the symbols used in our scheme.

Dynamic operations

Our scheme is appropriate for some static application scenarios like libraries. However, there are many cloud data sharing scenarios where the cloud data is dynamically changing. Since the data owner stores the data into cloud server, rather than physically possing it, the dynamic data and user operations are quite challenging. The secret keys should not be known by the cloud server while processing the dynamics request. The dynamic operations such as file creation/deletion and user addition

Security analysis

We analyze the proposed scheme in term of security. The security analysis focuses on the security requirements defined in Section 3. In our scheme, we assign flexible and different access privileges for each user to achieve fine-grained access control. Meanwhile, our scheme achieves fully collusion secure which is important when several users collude and share their secret keys to access the unauthorized data. Our scheme can also achieve user access privilege confidentiality. In this section,

Performance analysis

In this section, the performance of our scheme is analyzed by comparing with other data sharing schemes that rely on KP-ABE like Yu et al. (2010a). We first evaluate the computation and communication overhead, and then give the detailed about the ciphertext size in the proposed scheme.

Conclusion

In this paper, we present a privacy-preserving and secure data sharing scheme in cloud computing by exploiting CP-ABE and combining it with technique of IBE. The proposed scheme ensures fine-grained data access control, backward secrecy and security against collusion of users with the cloud and supports user addition, revocation and attribute modifications which are not provided by current works. Moreover, our scheme does not disclose any attribute of users to the cloud so that keeps the

Acknowledgments

This work was supported in part by the National Basic Research Program of China under Grants 2012CB316100, 2013CB338004, and the Research Fund for the Doctoral Program of Higher Education of China (NO. 20100073110016 and NO. 20120073120034).

Xin Dong is a Ph.D. candidate in Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China. His research interests include networking, information security and privacy, mobile computing and cloud computing. He received his Bachelor degree in computer science and engineering from South China University of Technology (SCUT), Guangzhou, China, in 2010.

References (33)

  • Amazon web services. Retrieved online from,...
  • M. Armbrust et al.

    Above the clouds: a berkeley view of cloud computing

    (2009)
  • M. Arrington

    Gmail disaster: reports of mass email deletions

    (2006)
  • G. Ateniese et al.

    Scalable and efficient provable data possession

  • A. Beimel

    Secure schemes for secret sharing and key distribution

    (1996)
  • J. Bethencourt et al.

    Ciphertext-policy attribute-based encryption

  • D. Boneh et al.

    Identity-based encryption from the weil pairing

  • D. Boneh et al.

    Hierarchical identity based encryption with constant size ciphertext

  • M. Chase

    Multi-authority attribute based encryption

  • M. Chase et al.

    Improving privacy and security in multi-authority attribute-based encryption

  • C. Cocks

    An identity based encryption scheme based on quadratic residues

  • S. De Capitani di Vimercati et al.

    Over-encryption: management of access control evolution on outsourced data

  • S. De Capitani di Vimercati et al.

    Encryption policies for regulating access to outsourced data

    ACM Trans Database Syst (TODS)

    (2010)
  • C. Erway et al.

    Dynamic provable data possession

  • Google app engine. Retrieved online from,...
  • V. Goyal et al.

    Attribute-based encryption for fine-grained access control of encrypted data

  • Cited by (91)

    View all citing articles on Scopus

    Xin Dong is a Ph.D. candidate in Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China. His research interests include networking, information security and privacy, mobile computing and cloud computing. He received his Bachelor degree in computer science and engineering from South China University of Technology (SCUT), Guangzhou, China, in 2010.

    Jiadi Yu is an assistant professor in Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China. He obtained the PhD degree in Computer Science from Shanghai Jiao Tong University, Shanghai, China, in 2007 and the MS degree in computer science from Xi'an Technological University, Xi'an, China, in 2003. In the past, he has worked as a postdoc at Stevens Institute of Technology, USA, from 2009 to 2011. His research interests include networking, mobile computing, cloud computing and wireless sensor networks.

    Yuan Luo received the B.S., M.S., and Ph.D. degrees in applied mathematics from Nankai University, Tianjin, China, in 1993, 1996, and 1999, respectively. From July 1999 to April 2001, he held a postdoctoral position at the Institute of Systems Science, Chinese Academy of Sciences, Beijing, China. From May 2001 to April 2003, he held a postdoctoral position at the Institute for Experimental Mathematics, University of Duisburg-Essen, Essen, Germany. Since June 2003, he has been with the Computer Science and Engineering Department, Shanghai Jiao Tong University, Shanghai, China. His current research interests include coding theory and information theory.

    Yingying Chen received the PhD degree in computer science from Rutgers University. She is working as an assistant professor in the Department of Electrical and Computer Engineering at Stevens Institute of Technology. Her research interests include cyber security and privacy, wireless embedded systems, wireless and sensor networks, mobile social networks, and pervasive computing. She was the recipient of the US National Science Foundation CAREER award in 2010. She was the recipient of the Google Research Award in 2010 and the Best Paper Award from the ACM International Conference on Mobile Computing and Networking (MobiCom) in 2011.

    Guangtao Xue received his Ph.D. in Computer Science from Shanghai Jiao Tong University in 2004. He is an associate professor in the Department of Computer Science and Engineering at the Shanghai Jiao Tong University. His research interests include mobile networks, social networks, sensor networks, vehicular networks and distributed computing. He is a member of the IEEE Computer Society and the Communication Society.

    Minglu Li received his PHD in Computer Software from Shanghai Jiao Tong University in 1996. He is a Full Professor at the Department of Computer Science and Engineering of Shanghai Jiao Tong University. Currently, his research interests include grid computing, services computing, and cloud computing. He has published over 100 papers in important academic journals and international conferences.

    View full text