Combining Data Owner-side And Cloud-side Access Control For Encrypted Cloud Storage

Combining Data Owner-side and Cloud-side Access Control for Encrypted Cloud Storage

Abstract:

Cloud storage has been in widespread use now days, which makes users burden of local data storage. Meanwhile, how to ensure the security and integrity of the outsourced data stored in a cloud storage server has also attracted enormous attention from researchers. People use support of the great power of cloud computing, but cannot fully trust the cloud providers to host privacy-sensitive data, due to the absence of user-to-cloud controllability. To ensure con?dentiality, data owners outsource encrypted data instead of plaintexts. To share the encrypted ?les with other users, Cipher text-Policy Attribute-based Encryption (CP-ABE) can be utilized to conduct ?ne-grained and owner-centric access control. Many previous schemes did not grant the cloud provider the capability to verify whether a downloader can decrypt. Therefore, these ?les should be available to everyone accessible to the cloud storage. A malicious attacker can download thousands of ?les to launch Economic Denial of Sustainability (EDoS) attacks, which will largely consume the cloud resource. In this project, we propose a solution to secure encrypted cloud storages from EDoS attacks and provide resource consumption accountability. It uses CP-ABE schemes in a black-box manner and complies with arbitrary access policy of CP-ABE. We present two protocols for different settings, followed by performance and security analysis.