Data sharing in cloud storage is receiving substantial attention in Information Communications Technology, since it can provide users with efficient and effective storage services. To protect the confidentiality of the shared sensitive data, the cryptographic techniques are usually applied. However, the data protection is still posing significant challenges in cloud storage for data sharing. Among them, how to protect and revoke the cryptographic key is the fundamental challenge. To tackle this, we propose a new data protection mechanism for cloud storage, which holds the following properties. 1) The cryptographic key is protected by the two factors. Only if one of the two factors works, the secrecy of the cryptographic key is held. 2) The cryptographic key can be revoked efficiently by integrating the proxy re-encryption and key separation techniques. 3) The data is protected in a fine-grained way by adopting the attributebased encryption technique. Furthermore, the security analysis and performance evaluation show that our proposal is secure and efficient, respectively.
|Number of pages||11|
|Journal||IEEE Transactions on Information Forensics and Security|
|Publication status||Published - Jan 2018|
- attributebased encryption
- cloud storage
- proxy re-encryption