R&D: Secure Data Sharing Scheme with Privacy-Preserving and Certificateless Integrity Auditing in Cloud Storage
Proposed scheme is competitive in practical applications since it reduces authenticator generation overhead by up to 21.6% and proof-gen overhead by up to 12% compared with related schemes.
This is a Press Release edited by StorageNewsletter.com on September 20, 2024 at 2:00 pmComputer Communications has published an article written by Xuening Guan, School of Information and Control Engineering, Xi’An University of Architecture and Technology, Xi’an Shaanxi, 710055, China, Jinyong Chang, School of Information and Control Engineering, Xi’An University of Architecture and Technology, Xi’an Shaanxi, 710055, China andState Key Laboratory of ISN, Xidian University, Xi’an, Shaanxi 710071, China, and Wei Zhang, Zhejiang Police College, Hangzhou, Zhejiang, 310053, China.
Abstract: “With cloud storage services becoming wildspread and low-cost, individuals and organizations select outsourcing large amounts of document to cloud. Cloud storage applications provide data sharing services with varying functionality. In some cloud storage systems that provide data sharing, such as e-health systems, hiding sensitive information fields is a necessity. Meanwhile, in sharing process, unauthorized entities may have access to these privacy fields. The resource-constrained computation capability for data owner (DO) is universal. To tackle above problems, we propose a sanitizer-based secure data sharing scheme where sanitizer performs most computations of encryption and signature after receiving the partially blinded data from DO. It also checks the legitimacy of visitors before CSP returns stored data file. Besides, adopting an attribute-based access policy guarantees further privacy and fine-grained access authorization. After verification, cloud will return the required data to the legitimate visitors. Moreover, integrity auditing to shared data file is based on certificateless authentication technique, which removes certificates issue of traditional cryptographic technique, avoids key-escrow attack risk caused by identity-based cryptography. Finally, the performance analysis and experimental results show that our proposed scheme is competitive in practical applications since it reduces the authenticator generation overhead by up to 21.6% and proof generation overhead by up to 12% compared with related schemes.“
Subscribe to our free daily newsletter
