Please use this identifier to cite or link to this item:
http://hdl.handle.net/10397/95605
Title: | Crypt-DAC : cryptographically enforced dynamic access control in the cloud | Authors: | Qi, S Zheng, Y |
Issue Date: | Mar-2021 | Source: | IEEE transactions on dependable and secure computing, Mar.-Apr. 2021, v. 18, no. 2, 8676350, p. 765-779 | Abstract: | Enabling cryptographically enforced access controls for data hosted in untrusted cloud is attractive for many users and organizations. However, designing efficient cryptographically enforced dynamic access control system in the cloud is still challenging. In this paper, we propose Crypt-DAC, a system that provides practical cryptographic enforcement of dynamic access control. Crypt-DAC revokes access permissions by delegating the cloud to update encrypted data. In Crypt-DAC, a file is encrypted by a symmetric key list which records a file key and a sequence of revocation keys. In each revocation, a dedicated administrator uploads a new revocation key to the cloud and requests it to encrypt the file with a new layer of encryption and update the encrypted key list accordingly. Crypt-DAC proposes three key techniques to constrain the size of key list and encryption layers. As a result, Crypt-DAC enforces dynamic access control that provides efficiency, as it does not require expensive decryption/re-encryption and uploading/re-uploading of large data at the administrator side, and security, as it immediately revokes access permissions. We use formalization framework and system implementation to demonstrate the security and efficiency of our construction. | Keywords: | Access control Cloud Revocation |
Publisher: | Institute of Electrical and Electronics Engineers | Journal: | IEEE transactions on dependable and secure computing | ISSN: | 1545-5971 | EISSN: | 1941-0018 | DOI: | 10.1109/TDSC.2019.2908164 | Rights: | © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The following publication S. Qi and Y. Zheng, "Crypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud," in IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 2, pp. 765-779, 1 March-April 2021 is available at https://doi.org/10.1109/TDSC.2019.2908164 |
Appears in Collections: | Journal/Magazine Article |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
Zheng_Cpds_Enabling_Compressed.pdf | Pre-Published version | 3.22 MB | Adobe PDF | View/Open |
Page views
69
Last Week
0
0
Last month
Citations as of Oct 13, 2024
Downloads
128
Citations as of Oct 13, 2024
SCOPUSTM
Citations
18
Citations as of Oct 17, 2024
WEB OF SCIENCETM
Citations
13
Citations as of Oct 17, 2024
Google ScholarTM
Check
Altmetric
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.