|
Motivation: Traditional access control models often assume that the entity enforcing access control
policies is also the owner of data and resources. This assumption no longer holds
when the data is outsourced to a third-party storage provider, such as the cloud.
Existing access control solutions for outsourced storage mainly focus on preserving the confidentiality
of the stored data from unauthorized access and the storage provider. However, when we want to facilitate
data sharing among the users of the storage service, access control policies as well as
users' access patterns also become privacy-sensitive information that should be protected from the cloud.
Is there a mechanism that would allow the cloud to facilitate access control enforcement for data sharing
between its users in an oblivious manner that would still offer a level of protection for the privacy of
the access control rules and the data accesses of different users?
Results: We propose a two-level access control scheme
that combines coarse-grained access control enforced at the cloud, which keeps the
communication overhead acceptable and at the same time limits the information that
the cloud learns from its partial view of the access rules and the access patterns,
with fine-grained cryptographic access control enforced at the user's side, which provides the desired expressiveness
of the access control policies. Our solution handles both read and write access control.
The idea of our approach is to divide the data stored at the cloud into
access blocks. These access blocks constitute the coarse-grained
view of the stored data. The cloud provider is presented with this view
and enforces access control at this granularity. He is able to match an authorized request to an access block
that contains the requested file. Upon a read request, the cloud provides the content of the entire matching
block to the user. Upon a write request, he accepts only authorized updates for some content of that
block and obliviously matches them to the corresponding files. At the fine-grained level, each access
block consists of files owned by a single owner. Each data owner is responsible for distributing his files
into blocks and for defining fine-grained access control policies that specify users' access rights to
individual files. Access control at the fine-grained level is enforced obliviously
with respect to the cloud through the encryption of the files within an access
block and appropriate key distribution among the users that would
access each block.
|
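The read path of the two-level idea described above, as an added sketch that is not the authors' construction: the cloud authorizes per access block and returns the whole block, while per-file keys held by the reader decide which files open. The block token, the toy HMAC-based cipher (a stand-in for a real AEAD), and all names and sample files are assumptions made for illustration; oblivious write handling is not modelled.

```python
import hashlib, hmac, os

def _prf(key, label, msg):
    return hmac.new(key, label + msg, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Toy HMAC-SHA256 counter-mode keystream; a stand-in for a real AEAD cipher.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = _prf(key, b"enc", nonce + off.to_bytes(8, "big"))
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _prf(key, b"mac", nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        return None  # wrong key: this file stays opaque to the reader
    return _xor_stream(key, nonce, ct)

class Cloud:
    """Coarse-grained level: sees block ids, token hashes and opaque blobs only."""
    def __init__(self):
        self.blocks, self.log = {}, []
    def put_block(self, block_id, blobs, token):
        self.blocks[block_id] = (hashlib.sha256(token).digest(), list(blobs))
    def read(self, block_id, token):
        token_hash, blobs = self.blocks[block_id]
        if not hmac.compare_digest(token_hash, hashlib.sha256(token).digest()):
            return None
        self.log.append(block_id)  # the cloud learns the block, not the file
        return blobs               # the entire matching block is returned

def demo():
    files = {"a.txt": b"alpha", "b.txt": b"bravo", "c.txt": b"charlie"}  # constructed
    keys = {name: os.urandom(32) for name in files}  # owner's per-file keys
    token = os.urandom(16)  # hypothetical per-block capability (assumption)
    cloud = Cloud()
    cloud.put_block("blk1", [seal(keys[n], n.encode() + b"\0" + d)
                             for n, d in files.items()], token)
    reader_keys = [keys["a.txt"], keys["c.txt"]]  # fine-grained policy for one reader
    readable = {}
    for blob in cloud.read("blk1", token):
        for k in reader_keys:
            pt = unseal(k, blob)
            if pt is not None:
                name, _, data = pt.partition(b"\0")
                readable[name.decode()] = data
    return readable, cloud.log, cloud.read("blk1", b"wrong-token")
```

The cloud's log records only the block identifier for the authorized request, which is the partial view the coarse-grained level is meant to expose.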