A complex problem when outsourcing data to the cloud is access control management. Encryption, by wrapping data with a self-enforcing protection layer, provides access control enforcement by making resources intelligible only to users holding the necessary key. The real challenge becomes then the efficient revocation of access. We address this challenge and present an approach to effectively and efficiently enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. Our experimental results show the effectiveness of our approach, and confirm its efficiency, especially when managing large resources with dynamic access policy.

(2023). Mix&slice for Efficient Access Revocation on Outsourced Data [journal article - articolo]. In IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. Retrieved from https://hdl.handle.net/10446/263533

Mix&slice for Efficient Access Revocation on Outsourced Data

Paraboschi, Stefano;
2023-01-01

Abstract

A complex problem when outsourcing data to the cloud is access control management. Encryption, by wrapping data with a self-enforcing protection layer, provides access control enforcement by making resources intelligible only to users holding the necessary key. The real challenge becomes then the efficient revocation of access. We address this challenge and present an approach to effectively and efficiently enforce access revocation on resources stored at external cloud providers. The approach relies on a resource transformation that provides strong mutual inter-dependency in its encrypted representation. To revoke access on a resource, it is then sufficient to update a small portion of it, with the guarantee that the resource as a whole (and any portion of it) will become unintelligible to those from whom access is revoked. Our experimental results show the effectiveness of our approach, and confirm its efficiency, especially when managing large resources with dynamic access policy.
articolo
2023
Bacis, Enrico; De Capitani di Vimercati, Sabrina; Foresti, Sara; Paraboschi, Stefano Giulio; Rosa, Marco; Samarati, Pierangela
(2023). Mix&slice for Efficient Access Revocation on Outsourced Data [journal article - articolo]. In IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING. Retrieved from https://hdl.handle.net/10446/263533
File allegato/i alla scheda:
File Dimensione del file Formato  
tdsc23.pdf

accesso aperto

Versione: publisher's version - versione editoriale
Licenza: Creative commons
Dimensione del file 3.71 MB
Formato Adobe PDF
3.71 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Aisberg ©2008 Servizi bibliotecari, Università degli studi di Bergamo | Terms of use/Condizioni di utilizzo

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/10446/263533
Citazioni
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact