Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage

Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage

With the rapid developments occurring in cloud computing and services, there has been a growing trend to use the cloud for large-scale data storage. This has raised the important security issue of how to control and prevent unauthorized access to data stored in the cloud. One well known access contr...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on information forensics and security Vol. 8; no. 12; pp. 1947 - 1960
Main Authors: Lan Zhou, Varadharajan, Vijay, Hitchens, Michael
Format: Journal Article
Language:English
Published: New York, NY IEEE 01-12-2013
Institute of Electrical and Electronics Engineers
Subjects:
Access control
Applied sciences
architecture
Cloud computing
Computer architecture
Computer science; control theory; systems
Computer systems and distributed systems. User interface
Cryptography
data storage
Distributed databases
Encryption
Exact sciences and technology
Information, signal and communications theory
Memory
Memory and file management (including protection and security)
Memory organisation. Data processing
Role-based access control
role-based encryption
Signal and communications theory
Software
Telecommunications and information theory
Policy
Access control
Content access
System architecture
Cloud computing
Information organization
Web service
Data storage
Decryption
Role-based access control
Role-based encryption
Cryptanalysis
Licence procedure
Large scale
Cryptography
Private sector
Computer security
architecture
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the rapid developments occurring in cloud computing and services, there has been a growing trend to use the cloud for large-scale data storage. This has raised the important security issue of how to control and prevent unauthorized access to data stored in the cloud. One well known access control model is the role-based access control (RBAC), which provides flexible controls and management by having two mappings, users to roles and roles to privileges on data objects. In this paper, we propose a role-based encryption (RBE) scheme that integrates the cryptographic techniques with RBAC. Our RBE scheme allows RBAC policies to be enforced for the encrypted data stored in public clouds. Based on the proposed scheme, we present a secure RBE-based hybrid cloud storage architecture that allows an organization to store data securely in a public cloud, while maintaining the sensitive information related to the organization's structure in a private cloud. We describe a practical implementation of the proposed RBE-based architecture and discuss the performance results. We demonstrate that users only need to keep a single key for decryption, and system operations are efficient regardless of the complexity of the role hierarchy and user membership in the system.
ISSN:1556-6013
1556-6021
DOI:10.1109/TIFS.2013.2286456