Supporting dynamic updates in storage clouds with the Akl–Taylor scheme

Abstract

With the wide diffusion of cloud technologies, an ever increasing amount of sensitive data is moved on centralized network-based repository services, providing elastic outsourced storage capacity, available through remote access. This introduces new challenges associated to the security and privacy of outsourced data that has to be dynamically created, shared, updated and removed by a large number of users, characterized by different access rights and views structured according to hierarchical roles.To address such challenges, and implement secure access control policies in those application domains, several cryptographic solutions have been proposed. In particular, hierarchical key assignment schemes represent an effective solution to deal with cryptographic access control. Starting from the first proposal due to Akl and Taylor in 1983, many hierarchical key assignment schemes have been proposed. However, the highly dynamic nature of cloud-based storage solutions may significantly stress the applicability of such schemes on a wide scale.In order to overcome such limitations, in this work we provide new results on the Akl–Taylor scheme, by carefully analyzing the problem of supporting dynamic updates, as well as key replacement operations. In doing this, we also perform a rigorous analysis of the Akl–Taylor scheme in the dynamic setting characterizing storage clouds, by considering different key assignment strategies and proving that the corresponding schemes are secure with respect to the notion of key recovery.