Secure cloud storage service and limited proxy re-encryption for enforcing access control in public cloud

Abstract

Cloud computing is a new computing paradigm wherein the resources of the computing infrastructure are provided as services over the internet. The benefits offered by the public cloud encourage the data owners/organisations to store their data on to the cloud storage provided by the cloud storage provider. Cloud computing poses new security challenges as the users outsource their data to public cloud. Building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the data owner is a security challenge. The existing popular storage services does not provide cryptographic guarantee for the security. They are often guided by service level agreements and policies. In this paper, we propose and implement a secure storage service providing a cryptographic guarantee for the security to store, access and share the user's data. We propose the notion of limited proxy re-encryption scheme to restrict the proxy from re-encrypting more than specified number of delegator's ciphertexts. We give the security model and analyse the scheme for security. We use the proposed limited proxy re-encryption scheme as the primitive and design an improved and efficient sharing method for the secure storage service.