Fine-Grained Two-Factor Protection Mechanism for Data Sharing in Cloud Storage

Cong Zuo, Jun Shao, Joseph K. Liu, Guiyi Wei, Yun Ling

    Research output: Contribution to journal › Article › Research › peer-review

    19 Citations (Scopus)

    Abstract

    Data sharing in cloud storage is receiving substantial attention in Information Communications Technology, since it can provide users with efficient and effective storage services. To protect the confidentiality of the shared sensitive data, the cryptographic techniques are usually applied. However, the data protection is still posing significant challenges in cloud storage for data sharing. Among them, how to protect and revoke the cryptographic key is the fundamental challenge. To tackle this, we propose a new data protection mechanism for cloud storage, which holds the following properties. 1) The cryptographic key is protected by the two factors. Only if one of the two factors works, the secrecy of the cryptographic key is held. 2) The cryptographic key can be revoked efficiently by integrating the proxy re-encryption and key separation techniques. 3) The data is protected in a fine-grained way by adopting the attribute-based encryption technique. Furthermore, the security analysis and performance evaluation show that our proposal is secure and efficient, respectively.

    Original language: English
    Pages (from-to): 186-196
    Number of pages: 11
    Journal: IEEE Transactions on Information Forensics and Security
    Volume: 13
    Issue number: 1
    DOI: 10.1109/TIFS.2017.2746000
    Publication status: Published - Jan 2018

    Keywords

    • attribute-based encryption
    • cloud storage
    • fine-grained
    • proxy re-encryption
    • revocability
    • two-factor

    Cite this

    @article{e634d9ee5dac40a3a5a57204db21ae94,
    title = "Fine-Grained Two-Factor Protection Mechanism for Data Sharing in Cloud Storage",
    keywords = "attribute-based encryption, cloud storage, fine-grained, proxy re-encryption, revocability, two-factor",
    author = "Cong Zuo and Jun Shao and Liu, {Joseph K.} and Guiyi Wei and Yun Ling",
    year = "2018",
    month = "1",
    doi = "10.1109/TIFS.2017.2746000",
    language = "English",
    volume = "13",
    pages = "186--196",
    journal = "IEEE Transactions on Information Forensics and Security",
    issn = "1556-6013",
    publisher = "IEEE, Institute of Electrical and Electronics Engineers",
    number = "1",

    }

    Fine-Grained Two-Factor Protection Mechanism for Data Sharing in Cloud Storage. / Zuo, Cong; Shao, Jun; Liu, Joseph K.; Wei, Guiyi; Ling, Yun.

    In: IEEE Transactions on Information Forensics and Security, Vol. 13, No. 1, 01.2018, p. 186-196.
