The Experts below are selected from a list of 3996 Experts worldwide ranked by ideXlab platform
Robert H. Deng - One of the best experts on this subject based on the ideXlab platform.
-
Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud
IEEE Transactions on Information Forensics and Security, 2018Co-Authors: Shengmin Xu, Guomin Yang, Yi Mu, Robert H. DengAbstract:Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same Trusted Domain as users. To protect data privacy against unTrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by unTrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
Yazhe Wang - One of the best experts on this subject based on the ideXlab platform.
-
self adaptive access control model based on feedback loop
International Conference on Cloud Computing, 2013Co-Authors: Yazhe WangAbstract:Users can utilize powerful computing resources in cloud computing, which brings users great convenience. However, cloud computing is also facing many challenges for data security as the users outsource their sensitive data to clouds, which are generally beyond the same Trusted Domain as data owners. To address this problem, access control, which grants access permissions to an authorized user, is considered as one of critical security mechanisms for data protection in cloud computing environment. However, due to the unpredictability of user identities and access behavior, access control in cloud computing has become a key security problem. In this paper, we propose a self-adaptive access control model based on feedback loop. The feedback loop includes monitor, analyze, plan, execute parts and knowledge base, and the knowledge base is used to make decisions on access requests. We also propose an algorithm of access attributes' relation degree for knowledge base. The self-adaptive access control model based on feedback loop we proposed can be applied to cloud computing environment.
Shengmin Xu - One of the best experts on this subject based on the ideXlab platform.
-
Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud
IEEE Transactions on Information Forensics and Security, 2018Co-Authors: Shengmin Xu, Guomin Yang, Yi Mu, Robert H. DengAbstract:Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same Trusted Domain as users. To protect data privacy against unTrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by unTrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
Yi Mu - One of the best experts on this subject based on the ideXlab platform.
-
Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud
IEEE Transactions on Information Forensics and Security, 2018Co-Authors: Shengmin Xu, Guomin Yang, Yi Mu, Robert H. DengAbstract:Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same Trusted Domain as users. To protect data privacy against unTrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by unTrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
Guomin Yang - One of the best experts on this subject based on the ideXlab platform.
-
Secure Fine-Grained Access Control and Data Sharing for Dynamic Groups in the Cloud
IEEE Transactions on Information Forensics and Security, 2018Co-Authors: Shengmin Xu, Guomin Yang, Yi Mu, Robert H. DengAbstract:Cloud computing is an emerging computing paradigm that enables users to store their data in a cloud server to enjoy scalable and on-demand services. Nevertheless, it also brings many security issues, since cloud service providers (CSPs) are not in the same Trusted Domain as users. To protect data privacy against unTrusted CSPs, existing solutions apply cryptographic methods (e.g., encryption mechanisms) and provide decryption keys only to authorized users. However, sharing cloud data among authorized users at a fine-grained level is still a challenging issue, especially when dealing with dynamic user groups. In this paper, we propose a secure and efficient fine-grained access control and data sharing scheme for dynamic user groups by: 1) defining and enforcing access policies based on the attributes of the data; 2) permitting the key generation center to efficiently update user credentials for dynamic user groups; and 3) allowing some expensive computation tasks to be performed by unTrusted CSPs without requiring any delegation key. Specifically, we first design an efficient revocable attribute-based encryption (ABE) scheme with the property of ciphertext delegation by exploiting and uniquely combining techniques of identity-based encryption, ABE, subset-cover framework, and ciphertext encoding mechanism. We then present a fine-grained access control and data sharing system for on-demand services with dynamic user groups in the cloud. The experimental data show that our proposed scheme is more efficient and scalable than the state-of-the-art solution.
