Abstract:

Cloud computing offers many benefits for efficient utilization of computing resources. However, for many potential users and organizations security concerns, and in particular confidentiality of data and access control issues, outweigh such benefits. Some of these concerns relate to traditional network security issues, like confidentiality of data in transit to the cloud server. Some other cases are more relevant to the nature of cloud itself. An example of such a case is when the user desires that data access authorizations remain under their control, without revealing them to the cloud server. In both situations, the challenge is to provide the required solutions with minimal computational and storage overheads. This paper takes up that challenge to provide some solutions that have such characteristics. Our reported solutions are based on the Chines Remainder Theorem and allow for tailored enforcement and updating of access control parameters by the data owner with minimal overheads. In our approach, the data owner can provide each authorized user with the unique symmetric keys, used to encrypt a particular set of data to be shared by them. Furthermore, the security parameters are attached to the data and remain hidden. Consequently, they are not revealed to the cloud provider and unauthorized users at any time.