StackSync: Attribute‐based data sharing in file synchronization services

Abstract

SummaryPersonal Cloud (PC) storage services such as Dropbox or Google Drive have become increasingly popular in the last few years. Unfortunately, these services are still not secure. Even assuming “perfect” data confidentiality, securely sharing a folder in these services is still an issue, and this without mentioning the fact that the existing sharing mechanisms are typically too coarse‐grained by operating at the folder level. This is insufficient in many real situations where it is more natural to grant or deny access to files based on arbitrary user attributes and selected attributes of the file. In this research, we explore these issues and show that fine‐grained access control with strong privacy guarantees is practical in the PC. To investigate the potential practicality, we took our fully fledged open source implementation of a PC system and extended it to support fine‐grained private data sharing through attribute‐based encryption. The result was the first design and implementation of a file synchronization service, called StackSync, where the user retains complete control over his or her own data when sharing it. Never before, attribute‐based encryption had been implemented and tested on a real PC service. Our results show that StackSync is both secure and efficient for the PC.