Abstract
In cloud computing environments, data protection is usually limited to access control policies that are enforced by cloud service providers (CSPs). However, there are many cases where the CSPs are not trusted and pose a risk to their users' privacy. Several approaches have been proposed to prevent CSPs from accessing the data where the cryptographic mechanisms are used to enforce access control policies. However, most of these approaches incur a huge communication overhead, involve users in a complex and expensive key management process and are burdensome for users. In this paper, we propose a privacy aware access control system for data sharing that provides two levels of protection for user's data stored on a CSP. The users' data is protected from unauthorized users using a CSP-enforced access control mechanism, while protection from the CSP is achieved through multiple layers of commutative encryption with the help of a third-party service provider. We present the proposed framework and describe its components and various cryptographic operations. Furthermore, we provide a security analysis to discuss potential threats against the proposed system and provide some solutions for those threats.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
