Achieving Secure, Flexible, Effective and Privacy Preserving Data Access Control in Cloud Computing

Background: The cloud storage service allows its users to easily store, manage and share their data using large variety of devices. However, upon outsourcing their data, the users require ways to ensure their data confidentiality without losing their granular and flexible data sharing capabilities. Method: We propose a scheme, based on cipher-text policy attribute based encryption that uses threshold- gate access structures as the main access structure. The proposed scheme is able to maintain data confidentiality while providing data owners with an efficient, flexible, scalable and easily manageable access control and efficient revocation. Results: The Experimental results show that the usage of threshold gate access structures results in a large increase in the efficiency of the encryption operation. Moreover, the proposed revocation process is able to achieve both forward and backward security while maintaining a low overhead on the data owner and the users. Conclusion: The proposed scheme uses threshold gate access structures which increases the flexibility of the access structure and reduces the size of linear secret sharing matrices and the computational overhead of the encryption scheme when having complex access structures. The scheme also introduces an efficient revocation operation that is able to achieve forward and backward security without incurring a large computation, storage or communication overhead.