Skip to main content
SpringerLink
Log in

A Security Proxy Scheme Based on Attribute Node Mapping for Cloud Storage

  • Conference paper
  • First Online:
Security, Privacy, and Anonymity in Computation, Communication, and Storage (SpaCCS 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10066))

  • 1366 Accesses

Abstract

Cloud storage provides convenient storage services with data leaking risk while the encryption and decryption keys are supported by cloud service. However, the traditional CP-ABE scheme cannot solve the problem of integrity of could service provider according to single attributes rules. In this paper, we design a prototype system for secure cloud storage which separates storage services and security service using Attribute node mapping based on CP-ABE scheme. The prototype system consists of four parts: a client, a key generation center, a security proxy and a storage system. We propose an innovative convergence encryption method and a shared access mechanism to improve the encryption against guessing attack. Hierarchical eliminate redundancy and parallel data access technologies are also proposed improving the data transmission efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks, p. 9. ACM (2008)

    Google Scholar 

  2. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE (2007)

    Google Scholar 

  3. Bobbarjung, D.R., Jagannathan, S., Dubnicki, C.: Improving duplicate elimination in storage systems. ACM Trans. Storage (TOS) 2(4), 424–448 (2006)

    Article  Google Scholar 

  4. Daza, V., Herranz, J., Morillo, P., Ràfols, C.: Extensions of access structures and their cryptographic applications. Appl. Algebra Eng. Commun. Comput. 21(4), 257–284 (2010)

    Article  MathSciNet  MATH  Google Scholar 

  5. Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 13–23. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00843-6_2

    Chapter  Google Scholar 

  6. Ford, D., Labelle, F., Popovici, F.I., Stokely, M., Truong, V.A., Barroso, L., Grimes, C., Quinlan, S.: Availability in globally distributed storage systems. In: OSDI, pp. 61–74 (2010)

    Google Scholar 

  7. Hashem, I.A.T., Yaqoob, I., Anuar, N.B., Mokhtar, S., Gani, A., Khan, S.U.: The rise of big data on cloud computing: review and open research issues. Inf. Syst. 47, 98–115 (2015)

    Article  Google Scholar 

  8. Hwang, G.H., Lin, H.F., Sy, C.C., Chang, C.Y., et al.: The design and implementation of appointed file prefetching for distributed file systems. J. Res. Pract. Inf. Technol. 40(2), 91 (2008)

    Google Scholar 

  9. Khasnabish, B., Jin, W., Li, M.: Content de-duplication for CDNI optimization. Internet-Draft (2013)

    Google Scholar 

  10. Li, J., Tan, X., Chen, X., Wong, D., Xhafa, F.: OPoR: enabling proof of retrievability in cloud computing with resource-constrained devices. IEEE Trans. Cloud Comput. 3(2), 195–205 (2015)

    Article  Google Scholar 

  11. Liu, C., Yang, C., Zhang, X., Chen, J.: External integrity verification for outsourced big data in cloud and IoT: a big picture. Future Gener. Comput. Syst. 49, 58–67 (2015)

    Article  Google Scholar 

  12. Policroniades, C., Pratt, I.: Alternatives for detecting redundancy in storage systems data. In: USENIX Annual Technical Conference, General Track, pp. 73–86 (2004)

    Google Scholar 

  13. Reed, I.S., Solomon, G.: Polynomial codes over certain finite fields. J. Soc. Ind. Appl. Math. 8(2), 300–304 (1960)

    Article  MathSciNet  MATH  Google Scholar 

  14. Rodrigues, R., Liskov, B.: High availability in DHTs: erasure coding vs. replication. In: Castro, M., Renesse, R. (eds.) IPTPS 2005. LNCS, vol. 3640, pp. 226–239. Springer, Heidelberg (2005). doi:10.1007/11558989_21

    Chapter  Google Scholar 

  15. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi:10.1007/11426639_27

    Chapter  Google Scholar 

  16. Singh, R., Kumar, S., Agrahari, S.K.: Ensuring data storage security in cloud computing. Int. J. Eng. Comput. 2(12), 17–21 (2012)

    Google Scholar 

  17. Ungureanu, C., Atkin, B., Aranya, A., Gokhale, S., Rago, S., Calkowski, G., Dubnicki, C., Bohra, A.: Hydrafs: a high-throughput file system for the hydrastor content-addressable storage system. In: FAST, pp. 225–238 (2010)

    Google Scholar 

  18. Wan, Z., Liu, J., Deng, R.H.: Hasbe: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans. Inf. Forensics Secur. 7(2), 743–754 (2012)

    Article  Google Scholar 

  19. Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: 2010 IEEE Proceedings of INFOCOM, pp. 1–9. IEEE (2010)

    Google Scholar 

  20. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)

    Article  Google Scholar 

  21. Wang, Y., Li, S.: Research and performance evaluation of data replication technology in distributed storage systems. Comput. Math. Appl. 51(11), 1625–1632 (2006)

    Article  Google Scholar 

  22. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19379-8_4

    Chapter  Google Scholar 

  23. Weatherspoon, H., Kubiatowicz, J.D.: Erasure coding vs. replication: a quantitative comparison. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 328–337. Springer, Heidelberg (2002). doi:10.1007/3-540-45748-8_31

    Chapter  Google Scholar 

  24. Yang, K., Jia, X., Ren, K.: Attribute-based fine-grained access control with efficient revocation in cloud storage systems. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 523–528. ACM (2013)

    Google Scholar 

  25. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: 2010 IEEE Proceedings INFOCOM, pp. 1–9. IEEE (2010)

    Google Scholar 

Download references

Acknowledgments

This work was supported by the Foundation of Nanjing University of Posts and Telecommunications (Grant No. NY213085 and No. NY214069), the NSFC (No. 61502247, 11501302, 61502243), Natural Science Foundation of Jiangsu Province (BK20140895, BK20130417).

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, School of Software, Institute of Computer Technology, Nanjing University of Posts and Telecommunications, Nanjing, 210023, China

    Huakang Li, Zhenyu Wang, Yitao Yang & Guozi Sun

Authors
  1. Huakang Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhenyu Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yitao Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Guozi Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Guozi Sun .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Department of Computer Science, Colorado State University, Fort Collins, Colorado, USA

    Indrakshi Ray

  3. University of the West of Scotland, Paisley, Glasgow, United Kingdom

    Jose M. Alcaraz Calero

  4. Indian Institute of Information Technology and Management, Kerala (IIITMK), Trivandrum, Kerala, India

    Sabu M. Thampi

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Li, H., Wang, Z., Yang, Y., Sun, G. (2016). A Security Proxy Scheme Based on Attribute Node Mapping for Cloud Storage. In: Wang, G., Ray, I., Alcaraz Calero, J., Thampi, S. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2016. Lecture Notes in Computer Science(), vol 10066. Springer, Cham. https://doi.org/10.1007/978-3-319-49148-6_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49148-6_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49147-9

  • Online ISBN: 978-3-319-49148-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation