The Research and Prospect of Secure Data Access Control in Cloud Storage Environment

  title={The Research and Prospect of Secure Data Access Control in Cloud Storage Environment},
  author={Tengfei Li and Liang Hu and Yan Li and Jian-feng Chu and Hongtu Li and Hongying Han},
  journal={J. Commun.},
—With the rapid development of cloud computing, users are becoming to move their data to the cloud server to avoid troublesome data management at local machines and enjoy convenient service, which might cause security and privacy protection issues of users’ data. To protect data security and user privacy, access control is an effective method. Generally, access control could be realized by cryptographic methods, with which users are able to access data in cloud only when they possess a certain… 

Figures and Tables from this paper

Attributes-based Encryption Scheme with Policy Revocation
Sensitive parts of personal health records (PHRs) are encrypted by ABE with the help of CP-ABE and an attributes-based policy revocation case is considered as well as user revocation and it needs to generate a new secret key.
A Policy Revocation Scheme for Attributes-based Encryption
In this paper, sensitive parts of personal health records (PHRs) are encrypted with the help of CP-ABE and policy revocation is considered to add in CP- ABE and generates a new secret key for authorized users.
A Hierarchical Access Control Encryption Scheme Based on Partially Ordered Set
A hierarchical access control encryption scheme (HACE), which, while maintaining the three properties of ACE, enjoys the newly defined No-Leaking Hierarchy Rule under CPA attack in the random oracle model.
A Model-Driven Framework for Ensuring Role Based Access Control in IoT Devices
Results prove, that the proposed Meta-Model is capable to be transformed into a reliable system that ensures RBAC in IoT devices.
SSL transmission delay optimization in multi-core processor based on network path delay prediction
A novel SSL transmission delay optimization algorithm based on network path delay prediction is introduced and a locally weighted linear regression prediction algorithms based on sliding window and singular spectrum analysis is proposed to better adapt to the characteristics of network time-delay sequence.


Ensure Data Security in Cloud Storage
In this paper, a framework to ensure data security in cloud storage system is presented, which uses SLA as the common standard between user and provider and discusses several technologies to make the data stored in cloud safe.
Ciphertext-Policy Attribute-Based Encryption
A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
CP-ABE Based Access Control for Cloud Storage
This work extended CP-ABE to support XACML (eXtensible Access Control Markup Language) based policy transformation and to support logical NOT in policies through De Morgan’s Laws and applied it to a secure overlay cloud storage system called FADE to deploy access control for Amazon S3 cloud storage service.
Preserving confidentiality of security policies in data outsourcing
An approach to protect the privacy of the tokens published in the public catalog by combining cryptography and transitive closure information and is an efficient solution allowing token release and traversal of the key derivation structure only to those users authorized to access the underlying resources.
Over-encryption: Management of Access Control Evolution on Outsourced Data
A novel solution to the enforcement of access control and the management of its evolution is presented, based on the application of selective encryption as a means to enforce authorizations.
Security threats in cloud computing
  • F. Shaikh, S. Haider
  • Computer Science
    2011 International Conference for Internet Technology and Secured Transactions
  • 2011
This study aims to identify the most vulnerable security threats in cloud computing, which will enable both end users and vendors to know about the key security threats associated with cloud computing.
Attribute-based encryption for fine-grained access control of encrypted data
This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
A cryptographic solution to implement access control in a hierarchy and more
This work proposes a new solution that addresses the problem of access control in a hierarchy and is a scheme similar to the RSAcryptosystem and can be easily incorporated in existing systems.
Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization
  • Brent Waters
  • Computer Science, Mathematics
    Public Key Cryptography
  • 2011
We present a new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model. Our solutions allow any
Identity-Based Cryptosystems and Signature Schemes
  • A. Shamir
  • Computer Science, Mathematics
  • 1984
A novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other’s signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party.