SAPDS: self-healing attribute-based privacy aware data sharing in cloud

Zeeshan Pervez, Asad Masood Khattak, Sungyoung Lee, Young-Koo Lee

Research output: Contribution to journalArticle

Abstract

This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).
Original languageUndefined/Unknown
Pages (from-to)431-460
Number of pages30
JournalThe Journal of Supercomputing
Volume62
Issue number1
Publication statusPublished - 2012

Keywords

  • Cloud storage
  • Data privacy
  • Remote storage

Cite this

Pervez, Zeeshan ; Khattak, Asad Masood ; Lee, Sungyoung ; Lee, Young-Koo. / SAPDS: self-healing attribute-based privacy aware data sharing in cloud. In: The Journal of Supercomputing. 2012 ; Vol. 62, No. 1. pp. 431-460.
@article{bd344c81f5dc4c978f52f1b62141aca0,
title = "SAPDS: self-healing attribute-based privacy aware data sharing in cloud",
abstract = "This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).",
keywords = "Cloud storage, Data privacy, Remote storage",
author = "Zeeshan Pervez and Khattak, {Asad Masood} and Sungyoung Lee and Young-Koo Lee",
year = "2012",
language = "Undefined/Unknown",
volume = "62",
pages = "431--460",
journal = "The Journal of Supercomputing",
issn = "0920-8542",
publisher = "Springer International Publishing AG",
number = "1",

}

SAPDS: self-healing attribute-based privacy aware data sharing in cloud. / Pervez, Zeeshan; Khattak, Asad Masood; Lee, Sungyoung; Lee, Young-Koo.

In: The Journal of Supercomputing, Vol. 62, No. 1, 2012, p. 431-460.

Research output: Contribution to journalArticle

TY - JOUR

T1 - SAPDS: self-healing attribute-based privacy aware data sharing in cloud

AU - Pervez, Zeeshan

AU - Khattak, Asad Masood

AU - Lee, Sungyoung

AU - Lee, Young-Koo

PY - 2012

Y1 - 2012

N2 - This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).

AB - This paper addresses the issue of data governance in a cloud-based storage system. To achieve fine-grained access control over the outsourced data, we propose Self-Healing Attribute-based Privacy Aware Data Sharing in Cloud (SAPDS). The proposed system delegates the key distribution and management process to a cloud server without seeping out any confidential information. It facilitates data owner to restrain access of the user with whom data has been shared. User revocation is achieved by merely changing one attribute associated with the decryption policy, instead of modifying the entire access control policy. It enables authorized users to update their decryption keys followed by each user revocation, making it self-healing, without ever interacting with the data owner. Computation analysis of the proposed system shows that data owner can revoke n′ users with the complexity of O(n′). Besides this, legitimate users can update their decryption keys with the complexity of O(1).

KW - Cloud storage

KW - Data privacy

KW - Remote storage

M3 - Article

VL - 62

SP - 431

EP - 460

JO - The Journal of Supercomputing

JF - The Journal of Supercomputing

SN - 0920-8542

IS - 1

ER -