Cloud Computing, Security, Privacy in New Computing Environments. 7th International Conference, CloudComp 2016, and First International Conference, SPNCE 2016, Guangzhou, China, November 25–26, and December 15–16, 2016, Proceedings

Research Article

Data Sharing with Fine-Grained Access Control for Multi-tenancy Cloud Storage System

  • @INPROCEEDINGS{10.1007/978-3-319-69605-8_12,
        author={Zhen Li and Minghao Zhao and Han Jiang and Qiuliang Xu},
        title={Data Sharing with Fine-Grained Access Control for Multi-tenancy Cloud Storage System},
        proceedings={Cloud Computing, Security, Privacy in New Computing Environments. 7th International Conference, CloudComp 2016, and First International Conference, SPNCE 2016, Guangzhou, China, November 25--26, and December 15--16, 2016, Proceedings},
        proceedings_a={CLOUDCOMP},
        year={2017},
        month={11},
        keywords={Cloud security Data sharing Fine-gained access control Data reliability and privacy},
        doi={10.1007/978-3-319-69605-8_12}
    }
    
  • Zhen Li
    Minghao Zhao
    Han Jiang
    Qiuliang Xu
    Year: 2017
    Data Sharing with Fine-Grained Access Control for Multi-tenancy Cloud Storage System
    CLOUDCOMP
    Springer
    DOI: 10.1007/978-3-319-69605-8_12
Zhen Li,*, Minghao Zhao1,*, Han Jiang1,*, Qiuliang Xu1,*
  • 1: Shandong University
*Contact email: sdufelizhen@126.com, zhaominghao@hrbeu.edu.cn, jianghan@sdu.edu.cn, xql@sdu.edu.cn

Abstract

Data sharing is one of the most significant applications of cloud computing. For security and privacy concerns, clients generally encrypt their data before upload them to the cloud. The existing data sharing schemes either entirely rely on the cloud to enforce access control or inevitably involve a trusted third party (TTP) to perform secret key distribution. This thesis proposes a secure data sharing scheme without TTP involved. Our scheme allows users to classify their data and achieves a fine-gained access authorization. The key-distribution is integrated with the user authorization and data sharing procedure. In terms of security, except for semi-honest cloud service provider and external adversary, we also take internal adversary into consideration and analysis security in this strong model.