A user-controlled file security scheme for cloud services

May 22, 2017, Agency for Science, Technology and Research (A*STAR), Singapore
“Cloud storage services make data storage and sharing more efficient and cost-effective, but their use requires trust in the cloud’s security.” Credit: Wavebreak Media Ltd/123rf

By securing data files with a 'need-to-know' decryption key, researchers at Singapore's Agency for Science, Technology and Research (A*STAR) have developed a way to control access to cloud-hosted data in real time, adding an extra layer of security for data sharing via the Internet.

Cloud-based file storage has rapidly become one of the most popular uses of the Internet, allowing files to be safely saved in a virtual drive that is often replicated on numerous servers around the world. Cloud storage theoretically provides near-seamless backup and data redundancy, preventing data loss and also enabling files to be shared among users almost anywhere. However, proper treatment of sensitive or confidential information stored on the cloud cannot be taken for granted: the security of the cloud environment is not immune to hacker attacks or misuse by a cloud provider.

"Cloud storage services make data storage and sharing more efficient and cost-effective, but their use requires trust in the cloud's security," explains Jianying Zhou from the A*STAR Institute for Infocomm Research. "We wanted to find a way to ease the security concerns by creating a system that does not require the data owner to trust the cloud service or assume perfect protection against hacking."

The scheme Zhou and his team developed allows access to an individual file hosted on a cloud server to be issued or revoked in real time, and eliminates the possibility that files can be taken offline and accessed without authorization.

Zhou explains the process. "The file owner, Alice, generates the proxy keys, which define who can decrypt the file, for example Bob, and gives them to the cloud server. When Bob wants to access the encrypted file in the cloud, the cloud server needs to first decrypt the file for Bob using the proxy key as well as the cloud server's private key. This results in an intermediate decryption that the cloud server passes to Bob. He then uses his private key to decrypt the file to get the plaintext file. If Alice wants to revoke Bob's access, she simply informs the cloud server to remove his proxy key."

The scheme allows the data owner to retain control over file access while making use of all the other benefits of cloud hosting. Importantly, it is applicable at the per-file and per-user level, and has 'lightweight' user decryption, meaning that files can be opened quickly even on mobile devices such as smart phones.
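The message flow Zhou describes (proxy key held by the cloud, intermediate decryption with the cloud's private key, final decryption with Bob's private key, revocation by deleting the proxy key) can be sketched with a simplified ElGamal-style split of Alice's exponent. This is an added illustration, not the A*STAR construction; the group parameters are toy-sized, all names are hypothetical, and in this stand-in a colluding cloud and user could reconstruct Alice's exponent.

```python
import hashlib
import secrets

# Assumption: toy group modulo the Mersenne prime 2**127 - 1, far too small
# for real use. This is a stand-in construction, not the researchers' scheme.
P = 2**127 - 1
G = 3
ORDER = P - 1  # exponents reduce modulo P - 1 (Fermat's little theorem)

def keygen():
    priv = secrets.randbelow(ORDER - 2) + 2
    return priv, pow(G, priv, P)

def shared(priv, peer_pub):
    # Diffie-Hellman secret with the peer, hashed down to an exponent.
    raw = pow(peer_pub, priv, P).to_bytes(16, "big")
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % ORDER

def encrypt(owner_pub, file_key):
    # Alice wraps a per-file key (integer in [1, P-1]) once, under her own key.
    r = secrets.randbelow(ORDER - 2) + 2
    return pow(G, r, P), file_key * pow(owner_pub, r, P) % P

def make_proxy_key(owner_priv, cloud_pub, user_pub):
    # Alice's exponent = proxy key + cloud's DH share + user's DH share.
    return (owner_priv - shared(owner_priv, cloud_pub)
            - shared(owner_priv, user_pub)) % ORDER

class Cloud:
    def __init__(self):
        self.priv, self.pub = keygen()
        self.proxy_keys = {}  # (file_id, user) -> proxy key from the owner
        self.files = {}       # file_id -> (owner_pub, c1, c2)

    def intermediate_decrypt(self, file_id, user):
        rk = self.proxy_keys.get((file_id, user))
        if rk is None:
            raise PermissionError("no proxy key: access not granted or revoked")
        owner_pub, c1, c2 = self.files[file_id]
        # Needs both the proxy key and the cloud's private key.
        exp = (rk + shared(self.priv, owner_pub)) % ORDER
        return c1, c2 * pow(pow(c1, exp, P), -1, P) % P

def user_decrypt(user_priv, owner_pub, c1, c2_partial):
    # One modular exponentiation strips the last layer on the user's device.
    mask = pow(c1, shared(user_priv, owner_pub), P)
    return c2_partial * pow(mask, -1, P) % P
```

Deleting the `(file_id, user)` entry from `proxy_keys` is the revocation step: the stored ciphertext is unchanged, and the user's private key alone no longer recovers the file key from it.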

"Our technology could be used to provide scalable and fine-grained access control to various bodies of data collected by different organizations and shared via the cloud, with applications in areas such as healthcare, finance and data-centric cloud applications," says Zhou.
