The cloud storage is the best option to outsource big data, as the cloud has the capability of storing a huge volume of data. However, cloud storage brings new concerns for privacy, fine-grained access control and data duplication, which are crucial for big data storage in the cloud. Existing solutions of data duplication over encrypted data schemes do not provide fine-grained access control. Recently, Cui et al. proposed the data duplication over encrypted data along with attribute based access control in 2017. However, this scheme suffers from the following issues: 1) it does not verify the data ownership which is essentially required for data protection when multiple users outsource the same data 2) it does not provide the data ownership management, which creates a chance to upload the false data by the ownership revoked owner 3) it suffers from communication and computation overhead during deduplication and encryption process. To improve the Cui et al. scheme, in this paper, we propose an enhanced attribute based access control with secure deduplication for big data storage in cloud (EABAC-SD). Our EABAC-SD scheme achieves dynamic ownership management using the group key. Our scheme allows only authorized data owners to upload the data which enhances the security. Further, our EABAC-SD scheme cuts down the communication and computation overhead of the encryption and deduplication process. In addition, security analysis proves that our scheme protects the data privacy and consistency. Further, our scheme proves that ineligible data owners and ownership withdrawn data owners are not able to upload the data. Performance analysis shows that our EABAC-SD scheme is more efficient than Cui et al. scheme.
Read full abstract