A complex problem when outsourcing data to the cloud is access control management. Encryption, by wrapping data with a self-enforcing protection layer, provides access control enforcement by making resources intelligible only to users holding the necessary key. The real challenge becomes then the efficient revocation of access. We address this challenge and present an approach to effectively and efficiently enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. Our experimental results show the effectiveness of our approach, and confirm its efficiency, especially when managing large resources with dynamic access policy.
(2024). Mix&slice for Efficient Access Revocation on Outsourced Data [journal article - articolo]. In IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. Retrieved from https://hdl.handle.net/10446/263533
Mix&slice for Efficient Access Revocation on Outsourced Data
Paraboschi, Stefano;
2024-01-01
Abstract
A complex problem when outsourcing data to the cloud is access control management. Encryption, by wrapping data with a self-enforcing protection layer, provides access control enforcement by making resources intelligible only to users holding the necessary key. The real challenge becomes then the efficient revocation of access. We address this challenge and present an approach to effectively and efficiently enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. Our experimental results show the effectiveness of our approach, and confirm its efficiency, especially when managing large resources with dynamic access policy.| File | Dimensione del file | Formato | |
|---|---|---|---|
|
MixampSlice_for_Efficient_Access_Revocation_on_Outsourced_Data.pdf
accesso aperto
Versione:
publisher's version - versione editoriale
Licenza:
Creative commons
Dimensione del file
3.01 MB
Formato
Adobe PDF
|
3.01 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
Aisberg ©2008 Servizi bibliotecari, Università degli studi di Bergamo | Terms of use/Condizioni di utilizzo
