By Topic

Privacy preserving delegated access control in the storage as a service model

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Mohamed Nabeel ; Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA ; Bertino, E.

Current approaches for enforcing fine-grained access control and confidentiality to sensitive data hosted in the cloud are based on selectively encrypting the data before uploading it to the cloud. In such an approach, organizations have to enforce authorization policies through encryption. They thus incur high communication and computation cost to manage keys and encryptions whenever user credentials or organizational authorization policies change. Ideally, organizations should use encryption only in order to hide the data from the cloud, whereas the cloud should be in charge of enforcing authorization policies on the hidden data in order to minimize the overhead at organizations. In this paper, we propose a novel approach for delegating privacy-preserving fine-grained access enforcement to the cloud. Our approach is based on a recent key management scheme that allows users whose attributes satisfy a certain policy to derive the data encryption keys only for the content they are allowed to access from the cloud. Our approach preserves the confidentiality of the data and the user privacy from the cloud, while delegating most of the access control enforcement to the cloud. Further, in order to reduce the cost of re-encryption required whenever the access control policies changes, our approach uses incremental encryption techniques.

Published in:

Information Reuse and Integration (IRI), 2012 IEEE 13th International Conference on

Date of Conference:

8-10 Aug. 2012