Title: Efficient authorisation update on cloud data

Authors: Zongmin Cui; Hong Zhu; Jie Shi; Lianhua Chi; Ke Yan

Addresses: School of Information Science and Technology, Jiujiang University, Jiangxi, China ' School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China ' Jinan University, Guangzhou, Guangdong, China ' IBM Research Australia, Melbourne, VIC, Australia ' School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China

Abstract: To broaden the adoption of cloud computing, it is necessary to provide efficient security mechanisms for authorisation update, which is a core component of cloud security. In this paper, we propose an efficient and secure authorisation update mechanism, which is achieved using a double-layer encryption: inner-layer encryption and outer-layer encryption. The inner-layer encryption is performed on an original plaintext to generate ciphertext, while the outer-layer encryption is performed on a part of the inner-layer ciphertext taking a ciphertext as output. The inner-layer encryption enforces the initial authorisation policy, while the outer-layer encryption reflects the updated authorisation policy. Based on the double-layer encryption, we deal with the operations related to authorisation update including user update and data update. In addition, we implement the proposed mechanism and conduct extensive experiments. The experimental results demonstrate the efficiency and practicality of the proposed mechanism.

Keywords: authorisation update; access control; cloud security; user update; data update; cloud data; cloud computing; double-layer encryption; cryptography.

DOI: 10.1504/IJWGS.2016.076594

International Journal of Web and Grid Services, 2016 Vol.12 No.2, pp.109 - 141

Published online: 17 May 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article