Robert H. Deng
ABSTRACT
Traditionally, access controls to data are enforced by employing trusted servers to store data and mediate access control. However, services are increasingly storing data across many servers shared with other data owners. An example of this is cloud computing which has the great potential of providing various services to the society at significantly reduced cost due to aggregated management of elastic resources. Since software systems are not guaranteed to be bug-free and hardware platforms are not under direct control of data owners in such distributed systems, security risks are abundant. To mitigate users' privacy concern about their data, a common solution is to outsource data in encrypted form so that it will remain private even if data servers are not trusted or compromised. The encrypted data, however, must be amenable to sharing and access control. In this keynote, I will discuss various security issues related to outsourced data storage and provide an overview of emerging solutions for realizing secure access to encrypted data in untrusted servers.
- V. Goyal, O. Pandey, A. Sahai, and B. Waters. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of ACM Conference on Computer and Communications Security, pages 89--98, 2006. Google Scholar
Digital Library
- J. Katz, A. Sahai, and B. Waters. Predicate encryption supporting disjunctions, polynomial equations, and inner products. In Proceedings of EUROCRYPT, pages 146--162, 2008. Google ScholarDigital Library
- J. Lai, R. H. Deng, and Y. Li. Fully secure cipertext-policy hiding CP-ABE. In Proceedings of ISPEC, pages 24--39, 2011. Google ScholarDigital Library
- A. B. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters. Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. In Proceedings of EUROCRYPT, pages 62--91, 2010. Google ScholarDigital Library
- J. Li, K. Ren, B. Zhu, and Z. Wan. Privacy-aware attribute based encryption with user accountability. In Proceedings of ISC, pages 347--362, 2009. Google ScholarDigital Library
- T. Nishide, K. Yoneyama, and K. Ohta. Attribute-based encryption with partially hidden encryptor-specifed access structures. In Proceedings of ACNS, pages 111--129, 2008. Google ScholarDigital Library
- M. Green, S. Hohenberger, B. Waters. Outsourcing the decryption of ABE ciphertexts. In Proceedings of USENIX Security Symposium, pages 523--538, 2011. Google ScholarDigital Library
- J. Lai, R. H. Deng and Y. Li, Expressive CP-ABE with partially hidden access structures. In Proceedings of AsiaCCS, 2012. Google ScholarDigital Library
Index Terms
- Secure access to outsourced data
Recommendations
Secure and efficient access to outsourced data
CCSW '09: Proceedings of the 2009 ACM workshop on Cloud computing securityProviding secure and efficient access to large scale outsourced data is an important component of cloud computing. In this paper, we propose a mechanism to solve this problem in owner-write-users-read applications. We propose to encrypt every data block ...
CCA-secure ABE with outsourced decryption for fog computing
Fog computing is not a replacement but an extension of cloud computing for the prevalence of the Internet of Things (IoT) applications. In particular, fog computing inserts a middle layer named fog into the infrastructure of cloud computing to obtain ...
One enhanced secure access scheme for outsourced data
AbstractThe popularity of apps makes smart phones rapidly become the most widespread form of communication. Due to the impact of resource constraints in mobile phones, users prefer to outsource data from the local device to the cloud. Access ...
Comments