We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
Oblivious access control policies for cloud based data sharing systems.
- Authors
Pervez, Zeeshan; Khattak, Asad; Lee, Sungyoung; Lee, Young-Koo; Huh, Eui-Nam
- Abstract
Conventional procedures to ensure authorized data access by using access control policies are not suitable for cloud storage systems as these procedures can reveal valid access parameters to a cloud service provider. In this paper, we have proposed oblivious access control policy evaluation (O-ACE); a data sharing system, which obliviously evaluates access control policy on a cloud server and provisions access to the outsourced data. O-ACE reveals no useful information about the access control policy neither to the cloud service provider nor to the unauthorized users. Through the security analysis of O-ACE it has been observed that computational complexity to compromise privacy of the outsourced data is same as reverting asymmetric encryption without valid key pair. We have realized O-ACE for Google Cloud. Our evaluation results show the fact that O-ACE CPU utilization cost is 0.01-0.30 dollar per 1,000 requests.
- Subjects
CLOUD computing; COMPUTER file sharing; ACCESS control; DATA security; UNAUTHORIZED use; DATA encryption
- Publication
Computing, 2012, Vol 94, Issue 12, p915
- ISSN
0010-485X
- Publication type
Article
- DOI
10.1007/s00607-012-0206-z