Privacy Enhanced Access Control for Outsourced Data Sharing

Mariana Petrova Raykova; Steven Michael Bellovin; Hang Zhao

Privacy Enhanced Access Control for Outsourced Data Sharing
Raykova, Mariana Petrova
Bellovin, Steven Michael
Zhao, Hang
Technical reports
Computer Science
Persistent URL:
Columbia University Computer Science Technical Reports
Part Number:
Columbia University, Department of Computer Science
Publisher Location:
New York
Traditional access control models often assume that the entity enforcing access control policies is also the owner of data and resources. This assumption no longer holds when data is outsourced to a third-party storage provider, such as the cloud. Existing access control solutions mainly focus on preserving confidentiality of stored data from unauthorized access and the storage provider. However, in this setting, access control policies as well as users' access patterns also become privacy sensitive information that should be protected from the cloud. We propose a two-level access control scheme that combines coarse-grained access control enforced at the cloud, which allows to get acceptable communication overhead and at the same time limits the information that the cloud learns from his partial view of the access rules and the access patterns, and fine-grained cryptographic access control enforced at the user's side, which provides the desired expressiveness of the access control policies. Our solution handles both read and write access control.
Computer science
Item views
text | xml
Suggested Citation:
Mariana Petrova Raykova, Steven Michael Bellovin, Hang Zhao, , Privacy Enhanced Access Control for Outsourced Data Sharing, Columbia University Academic Commons, .

Columbia University Libraries | Policies | FAQ