A Scalable Attribute-Based Access Control Scheme with Flexible Delegation cum Sharing of Access Privileges for Cloud Storage

摘要

Nowadays cloud servers have become the primary choice to store and share data with multiple users across the globe. The major challenge in sharing data using cloud servers is to protect data against untrusted cloud service provider and illegitimate users. Attribute-Based Encryption (ABE) has emerged as a useful cryptographic technique to securely share data with legitimate recipients in fine-grained manner. Several solutions employing ABE have been proposed to securely share data using cloud servers. However, most of the solutions are data owner-centric and focus on providing data owner complete control on his outsourced data. The existing solutions in cloud computing fail to provide shared access privileges among users and to enable cloud users to delegate their access privileges in a flexible manner. In order to simultaneously achieve the notion of fine-grained access control, scalability and to provide cloud users shared access privileges and flexibility on delegation of their access privileges, we propose a scalable attribute-based access control scheme for cloud storage. The scheme extends the ciphertext policy attribute-based encryption to achieve flexible delegation of access privileges and shared access privileges along with scalability and fine-grained access control. The scheme achieves scalability by employing hierarchical structure of users. Furthermore, we formally prove the security of our proposed scheme based on security of the ciphertext-policy attribute-based encryption. We also implement the algorithm to show its scalability and efficiency.