Title: A flexible cryptographic approach for secure data storage in the cloud using role-based access control

Authors: Lan Zhou; Vijay Varadharajan; Michael Hitchens

Addresses: Information and Networked Systems Security Research, Department of Computing, Macquarie University, North Ryde, NSW 2109, Australia; Information and Networked Systems Security Research, Department of Computing, Macquarie University, North Ryde, NSW 2109, Australia; Information and Networked Systems Security Research, Department of Computing, Macquarie University, North Ryde, NSW 2109, Australia

Abstract: There has been a recent trend in storing data in the cloud because of the significant benefits, such as on-demand resources and low maintenance costs. However, due to the distributed nature of the cloud, access control mechanisms need to be employed to protect the privacy of data stored in the cloud. Role-based access control (RBAC) provides a flexible way for users to manage and share their data in the cloud. In this paper, we propose a role-based encryption (RBE) scheme which enforces RBAC policies using cryptographic techniques. In our scheme, an owner of data can encrypt the data to a role in an RBAC system, and only the users who have the permissions of the role in the RBAC system can decrypt the data. Our scheme achieves efficient user management where the manager of a role can easily grant/revoke the membership of the role to/from a user without the need for other parties' participation. We compare our scheme with other previously published schemes and show that our scheme has better performance in both computation and management.

Keywords: role-based access control; encryption; secure cloud storage; flexible user management; cloud computing; data storage; security; cryptography.

DOI: 10.1504/IJCC.2012.046720

International Journal of Cloud Computing, 2012 Vol.1 No.2/3, pp.201 - 220

Published online: 16 Aug 2014
