skip to main content
10.1145/3102304.3102328acmotherconferencesArticle/Chapter ViewAbstractPublication PagesicfndsConference Proceedingsconference-collections
research-article

ESSAC: Enhanced Scalable Secure Access Control Framework for Cloud Storage

Published: 19 July 2017 Publication History

Abstract

Outsourcing data storage and IT workloads to a third-party cloud provider introduces some security risks and time performance degradation. Moreover, controlling access to this data becomes very difficult when the volume of the data and number of users is very high. Various access control techniques have been proposed to address this issue. However, those techniques have complex schemes which are costly to be applied in real scenarios and they have limited flexibility and scalability to large volumes of data and users. In this paper we propose ESSAC which is an enhanced version of the SSAC scheme. ESSAC introduces a fine-grained access control scheme based on a classified Attribute Based Encryption, Role Based Encryption and Single Key Encryption methodology which achieves highest security without degrading the performance. We validate our scheme using a simulation on top of Amazon S3 and compare it to current schemes.

References

[1]
Amazon. Amazon Web Services. http://aws.amazon.com/s3/. (????). {Online; accessed 1-June-2017}.
[2]
John Bethencourt, Amit Sahai, and Brent Waters. 2007. Ciphertext-Policy Attribute-Based Encryption. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP '07). IEEE Computer Society, Washington, DC, USA, 321--334.
[3]
Vipul Goyal, Omkant Pandey, Amit Sahai, and Brent Waters. 2006. Attribute-based Encryption for Fine-grained Access Control of Encrypted Data. In Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06). ACM, New York, NY, USA, 89--98.
[4]
H. Hassan, A. Mostafa, and A. Shawish. 2015. S-SAC: Towards a Scalable Secure Access Control Framework for Cloud Storage. In 2015 European Intelligence and Security Informatics Conference. 165--168.
[5]
Ming Li, Shucheng Yu, Kui Ren, and Wenjing Lou. 2010. Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings. Springer Berlin Heidelberg, Berlin, Heidelberg, 89--106.
[6]
National Institute of Standard and Technology. 2011. The NIST Definition of Cloud Computing. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf. (2011).
[7]
S. Ruj, A. Nayak, and I. Stojmenovic. 2011. DACC: Distributed Access Control in Clouds. In 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications. 91--98.
[8]
S. Ruj, M. Stojmenovic, and A. Nayak. 2012. Privacy Preserving Access Control with Authentication for Securing Data in Clouds. In 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012). 556--563.
[9]
Amit Sahai and Brent Waters. 2005. Fuzzy Identity-Based Encryption. Springer Berlin Heidelberg, Berlin, Heidelberg, 457--473.
[10]
Y. Tang, P. P. C. Lee, J. C. S. Lui, and R. Perlman. 2012. Secure Overlay Cloud Storage with Access Control and Assured Deletion. IEEE Transactions on Dependable and Secure Computing 9, 6 (Nov 2012), 903--916.
[11]
K. Yang, X. Jia, K. Ren, B. Zhang, and R. Xie. 2013. DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems. IEEE Transactions on Information Forensics and Security 8, 11 (Nov 2013), 1790--1801.
[12]
S. Yu, C. Wang, K. Ren, and W. Lou. 2010. Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing. In 2010 Proceedings IEEE INFOCOM. 1--9.
[13]
Shucheng Yu, Cong Wang, Kui Ren, and Wenjing Lou. 2010. Attribute Based Data Sharing with Attribute Revocation. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS '10). ACM, New York, NY, USA, 261--270.
[14]
L. Zhou, V. Varadharajan, and M. Hitchens. 2013. Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage. IEEE Transactions on Information Forensics and Security 8, 12 (Dec 2013), 1947--1960.

Index Terms

  1. ESSAC: Enhanced Scalable Secure Access Control Framework for Cloud Storage

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed Systems
    July 2017
    325 pages
    ISBN:9781450348447
    DOI:10.1145/3102304
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    • LABSTICC: Labsticc

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 19 July 2017

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Attribute based access control
    2. Backward secrecy
    3. Cloud storage security
    4. Forward secrecy
    5. Policy based file assured deletion
    6. Policy-based access control

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ICFNDS '17

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 57
      Total Downloads
    • Downloads (Last 12 months)1
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 16 Feb 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media