R&D: Fine-Grained and Controllably Editable Data Sharing With Accountability in Cloud Storage

IEEE Transactions on Dependable and Secure Computing has published an article written by Huiying Hou, Fudan University, Fudan University – Handan Campus, 12478 Shanghai, shanghai, China, 200433, Jianting Ning, Department of Computer Science, National University of Singapore, 37580 Singapore, singapore, Singapore, 119260, Yunlei Zhao, Department of Computer Science and Technology, Fudan University, 12478 Shanghai, Shanghai, China, and Robert Deng, Department of Information Systems, Singapore Management University, Singapore, Singapore, Singapore.

Abstract: “With the increasing cloud storage service, users can enjoy non-interactive data sharing. Nonetheless, the data owner cannot timely update the shared data all the while. To ensure the timeliness and the authoritative source of the data, some users should be allowed to update the data on behalf of an authoritative data owner without changing data source. However, this allows harmful information to be injected into the data unnoticeably. How to efficiently realize editable cloud-based data sharing supporting malicious user tracing has not been fully explored. To address the problem, we propose a fine-grained and controllably editable cloud-based data sharing scheme with malicious user accountability. The data owner only needs to sign the shared data before uploading it and can specify a fine-grained access control policy about who can update the data and which portions of the data can be updated. The authorized users non-interactively converts signatures of original data into new ones for the updated data, which are indistinguishable from the original signatures. The proposed scheme also support malicious user accountability in the sense that malicious users who post harmful information can be traced. We demonstrate the security and practicality of our scheme via formal security analysis and extensive experiments