2011 Reports
Privacy Enhanced Access Control for Outsourced Data Sharing
Traditional access control models often assume that the entity enforcing access control policies is also the owner of data and resources. This assumption no longer holds when data is outsourced to a third-party storage provider, such as the cloud. Existing access control solutions mainly focus on preserving confidentiality of stored data from unauthorized access and the storage provider. However, in this setting, access control policies as well as users' access patterns also become privacy sensitive information that should be protected from the cloud. We propose a two-level access control scheme that combines coarse-grained access control enforced at the cloud, which allows to get acceptable communication overhead and at the same time limits the information that the cloud learns from his partial view of the access rules and the access patterns, and fine-grained cryptographic access control enforced at the user's side, which provides the desired expressiveness of the access control policies. Our solution handles both read and write access control.
Subjects
Files
-
cucs-039-11.pdf application/pdf 1.82 MB Download File
More About This Work
- Academic Units
- Computer Science
- Publisher
- Columbia University, Department of Computer Science
- Series
- Columbia University Computer Science Technical Reports, CUCS-039-11
- Published Here
- September 21, 2011