Enforcing dynamic write privileges in data outsourcing

摘要

Users and companies are more and more resorting to external providers for storing their data and making them available to others. Since data sharing is typically selective (i.e., accesses to certain data should be allowed only to authorized users), there is the problem of enforcing authorizations on the outsourced data. Recently proposed approaches based on selective encryption provide convenient enforcement of read privileges, but are not directly applicable for supporting write privileges. In this paper, we extend selective encryption approaches to the support of write privileges. Our proposal enriches the approach based on key derivation of existing solutions and complements it with a hash-based approach for supporting write privileges. Enforcement of write privileges and of possible policy updates relies on the-controlled -cooperation of the external provider. Our solution also allows the data owner and the users to verify the integrity of the outsourced data.