An Integrated Privacy Preserving Attribute Based Access Control Framework

Abstract

Recent advances in IT have enabled many applications that generate/collect huge amounts of personal data. While these advances have made many personalized applications such as personalized user-centric healthcare possible there are significant system maintenance cost related to data management, and security and privacy issues that need to be first addressed. Although cloud computing presents a new paradigm that helps maintaining users aggregated information distributed in different Internet enabled applications in one place, it also introduces new challenges in security and privacy. In this paper, we propose an integrated user-centric (or an organization-centric) privacy preserving attribute based access control approach to protect the security and privacy of a user's(or the organization's) data stored by a cloud service provider. The proposed approach includes a novel privacypreserving revocable ciphertext policy attribute-based encryption (PR-CP-ABE) scheme. We also propose an extended Path-ORAM protocol that addresses the access pattern privacy as users access the protected data on cloud. We present security and privacy analysis and compare the performance parameters with other existing approaches.