期刊
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS
卷 33, 期 2, 页码 476-488出版社
IEEE COMPUTER SOC
DOI: 10.1109/TPDS.2021.3094126
关键词
Cloud computing; Access control; Receivers; Encryption; Servers; Cryptography; Search problems; Cloud computing; data sharing; access control; encryption; edge computing
资金
- National Natural Science Foundation of China [U1936220, 62011530046, 61872001]
- Special Fund for Key Program of Science and Technology of Anhui Province, China [202003A05020043]
- Open Fund for Discipline Construction, Institute of Physical Science and Information Technology, Anhui University
This article presents a bidirectional fine-grained access control scheme for cloud data sharing, which can restrict the capabilities of both senders and receivers. By combining the cloud side and the edge side in a data sharing framework, and utilizing attribute-based encryption and proxy re-encryption algorithms, efficient access control is achieved.
The cloud computing paradigm provides numerous tempting advantages, enabling users to store and share their data conveniently. However, users are naturally resistant to directly outsourcing their data to the cloud since the data often contain sensitive information. Although several fine-grained access control schemes for cloud-data sharing have been proposed, most of them focus on the access control of the encrypted data (e.g., restricting the decryption capabilities of the receivers). Distinct from the existing work, this article aims to address this challenging problem by developing a more practical bidirectional fine-grained access control scheme that can restrict the capabilities of both senders and receivers. To this end, we systematically investigate the access control for cloud data sharing. Inspired by the access control encryption (ACE), we propose a novel data sharing framework that combines the cloud side and the edge side. The edge server is located in the middle of all the communications, checking and preventing illegal communications according to the predefined access policy. Next, we develop an efficient access control algorithm by exploiting the attribute-based encryption and proxy re-encryption for the proposed framework. The experimental results show that our scheme exhibits superior performance in the encryption and decryption compared to the prior work.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据