Efficient decentralized access control for secure data sharing in cloud computing

Abstract

SummaryAccess control is an important technique in information security that allows legitimate users to gain access to and prevent unauthorized users from getting access to resources in a system. The restriction between access from a user and a shared file of the data owner can be determined by the access policy. In most existing access control models, it is assumed that all entities, including users, the third party, and cloud service provider (CSP), are in the same trust domain. However, in cloud computing environments, it is usually assumed that the CSP cannot be fully trusted, and the data owner (DO) is desired to have the absolute initiative to control data access. This article proposes a blockchain‐based access control scheme for cloud computing, in which the DO maintains an access matrix to describe the access policy. Then, the public keys of all nodes and the access matrix are stored in the blockchain, to ensure the security of the proposed scheme. The DOs can encrypt the large shared files once using a symmetric key in a long time. And they also can encrypt the symmetric key in parallel using the public key of authorized users in a short time. Security analysis proves that the proposed scheme is able to prevent outsourced files from unauthorized access and collusion attack. Experimental results show that the proposed scheme outperforms the existing baselines in terms of overheads on computation and storage. On average, the computation overhead of the proposed scheme is lower than that of the scheme SVPAC, PpBAC, and Timely CP‐ABE by 25.37%, 45.46%, and 36.44%, respectively. The communication overhead of the proposed scheme is lower than that of the scheme Timely CP‐ABE by 17.16%, and it is more secure, although it is higher than that of the scheme SVPAC and PpBAC by 5.88% and 39.05%. And the storage overhead of the proposed scheme is lower than that of the scheme SVPAC, PpBAC, and Timely CP‐ABE by 59.36%, 20.25%, and 61.88%, respectively.