Abstract
Cloud-based data storage service has drawn increasing interests from both academic and industry in the recent years due to its efficient and low cost management. Since it provides services in an open network, it is urgent for service providers to make use of secure data storage and sharing mechanism to ensure data confidentiality and service user privacy. To protect sensitive data from being compromised, the most widely used method is encryption. However, simply encrypting data (e.g., via AES) cannot fully address the practical need of data management. Besides, an effective access control over download request also needs to be considered so that Economic Denial of Sustainability (EDoS) attacks cannot be launched to hinder users from enjoying service. In this article, we consider the dual access control, in the context of cloud-based storage, in the sense that we design a control mechanism over both data access and download request without loss of security and efficiency. Two dual access control systems are designed in this article, where each of them is for a distinct designed setting. The security and experimental analysis for the systems are also presented.
Original language | English |
---|---|
Pages (from-to) | 1036-1048 |
Number of pages | 13 |
Journal | IEEE Transactions on Dependable and Secure Computing |
Volume | 19 |
Issue number | 2 |
DOIs | |
Publication status | Published - 2022 |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Keywords
- access control
- attribute-based encryption
- cloud storage service
- Cloud-based data sharing
- Intel SGX