Who is touching my cloud

Hua Deng; Qianhong Wu; Bo Qin; Jian Mao; Xiao Liu; Lei Zhang; Wenchang Shi

doi:10.1007/978-3-319-11203-9_21

Who is touching my cloud

Hua Deng
, Qianhong Wu
, Bo Qin^*
, Jian Mao
, Xiao Liu
, Lei Zhang
, Wenchang Shi

^*此作品的通讯作者

软件工程学院

Wuhan University
Beihang University
School of Information
Academy of Satellite Application

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

27 引用（Scopus）

摘要

Advanced access controls have been proposed to secure sensitive data maintained by a third party. A subtle issue in such systems is that some access credentials may be leaked due to various reasons, which could severely damage data security. In this paper, we investigate leakage tracing enabled access control over outsourced data, so that one can revoke the suspected leaked credentials or prepare judicial evidences for legal procedure if necessary. Specifically, we propose a leaked access credential tracing (LACT) framework to secure data outsourced to clouds and formalize its security model. Following the framework, we construct a concrete LACT scheme that is provably secure. The proposed scheme offers fine-grained access control over outsourced data, by which the data owner can specify an access policy to ensure that the data is only accessible to the users meeting the policy. In case of suspectable illegal access to outsourced data with leaked credentials, a tracing procedure can be invoked to tracing in a black-box manner at least one of the users who leaked their access credentials. The tracing procedure can run without the cloud service provider being disturbed. Analysis shows that the introduction of tracing access credential leakage incurs little additional cost to either data outsourcing or access procedure.

源语言	英语
主期刊名	Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings
出版商	Springer Verlag
页	362-379
页数	18
版本	PART 1
ISBN（印刷版）	9783319112022
DOI	https://doi.org/10.1007/978-3-319-11203-9_21
出版状态	已出版 - 2014
活动	19th European Symposium on Research in Computer Security, ESORICS 2014 - Wroclaw, 波兰期限: 7 9月 2014 → 11 9月 2014

出版系列

姓名	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
编号	PART 1
卷	8712 LNCS
ISSN（印刷版）	0302-9743
ISSN（电子版）	1611-3349

会议

会议	19th European Symposium on Research in Computer Security, ESORICS 2014
国家/地区	波兰
市	Wroclaw
时期	7/09/14 → 11/09/14

访问文件

10.1007/978-3-319-11203-9_21

其它文件与链接

链接到 Scopus 的出版物

引用此

Deng, H., Wu, Q., Qin, B., Mao, J., Liu, X., Zhang, L., & Shi, W. (2014). Who is touching my cloud. 在 Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings (PART 1 编辑, 页码 362-379). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 8712 LNCS, 号码 PART 1). Springer Verlag. https://doi.org/10.1007/978-3-319-11203-9_21

@inproceedings{749f6a82388e4f3d8a25fac20f4f257a,

title = "Who is touching my cloud",

abstract = "Advanced access controls have been proposed to secure sensitive data maintained by a third party. A subtle issue in such systems is that some access credentials may be leaked due to various reasons, which could severely damage data security. In this paper, we investigate leakage tracing enabled access control over outsourced data, so that one can revoke the suspected leaked credentials or prepare judicial evidences for legal procedure if necessary. Specifically, we propose a leaked access credential tracing (LACT) framework to secure data outsourced to clouds and formalize its security model. Following the framework, we construct a concrete LACT scheme that is provably secure. The proposed scheme offers fine-grained access control over outsourced data, by which the data owner can specify an access policy to ensure that the data is only accessible to the users meeting the policy. In case of suspectable illegal access to outsourced data with leaked credentials, a tracing procedure can be invoked to tracing in a black-box manner at least one of the users who leaked their access credentials. The tracing procedure can run without the cloud service provider being disturbed. Analysis shows that the introduction of tracing access credential leakage incurs little additional cost to either data outsourcing or access procedure.",

keywords = "access control, access credential leakage, cloud storage, data privacy, digital forensics",

author = "Hua Deng and Qianhong Wu and Bo Qin and Jian Mao and Xiao Liu and Lei Zhang and Wenchang Shi",

year = "2014",

doi = "10.1007/978-3-319-11203-9\_21",

language = "英语",

isbn = "9783319112022",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

number = "PART 1",

pages = "362--379",

booktitle = "Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings",

address = "德国",

edition = "PART 1",

note = "19th European Symposium on Research in Computer Security, ESORICS 2014 ; Conference date: 07-09-2014 Through 11-09-2014",

}

Deng, H, Wu, Q, Qin, B, Mao, J, Liu, X, Zhang, L & Shi, W 2014, Who is touching my cloud. 在 Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1 编辑, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 号码 PART 1, 卷 8712 LNCS, Springer Verlag, 页码 362-379, 19th European Symposium on Research in Computer Security, ESORICS 2014, Wroclaw, 波兰, 7/09/14. https://doi.org/10.1007/978-3-319-11203-9_21

Who is touching my cloud. / Deng, Hua; Wu, Qianhong; Qin, Bo 等.
Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1. 编辑 Springer Verlag, 2014. 页码 362-379 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); 卷 8712 LNCS, 号码 PART 1).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - Who is touching my cloud

AU - Deng, Hua

AU - Wu, Qianhong

AU - Qin, Bo

AU - Mao, Jian

AU - Liu, Xiao

AU - Zhang, Lei

AU - Shi, Wenchang

PY - 2014

Y1 - 2014

N2 - Advanced access controls have been proposed to secure sensitive data maintained by a third party. A subtle issue in such systems is that some access credentials may be leaked due to various reasons, which could severely damage data security. In this paper, we investigate leakage tracing enabled access control over outsourced data, so that one can revoke the suspected leaked credentials or prepare judicial evidences for legal procedure if necessary. Specifically, we propose a leaked access credential tracing (LACT) framework to secure data outsourced to clouds and formalize its security model. Following the framework, we construct a concrete LACT scheme that is provably secure. The proposed scheme offers fine-grained access control over outsourced data, by which the data owner can specify an access policy to ensure that the data is only accessible to the users meeting the policy. In case of suspectable illegal access to outsourced data with leaked credentials, a tracing procedure can be invoked to tracing in a black-box manner at least one of the users who leaked their access credentials. The tracing procedure can run without the cloud service provider being disturbed. Analysis shows that the introduction of tracing access credential leakage incurs little additional cost to either data outsourcing or access procedure.

AB - Advanced access controls have been proposed to secure sensitive data maintained by a third party. A subtle issue in such systems is that some access credentials may be leaked due to various reasons, which could severely damage data security. In this paper, we investigate leakage tracing enabled access control over outsourced data, so that one can revoke the suspected leaked credentials or prepare judicial evidences for legal procedure if necessary. Specifically, we propose a leaked access credential tracing (LACT) framework to secure data outsourced to clouds and formalize its security model. Following the framework, we construct a concrete LACT scheme that is provably secure. The proposed scheme offers fine-grained access control over outsourced data, by which the data owner can specify an access policy to ensure that the data is only accessible to the users meeting the policy. In case of suspectable illegal access to outsourced data with leaked credentials, a tracing procedure can be invoked to tracing in a black-box manner at least one of the users who leaked their access credentials. The tracing procedure can run without the cloud service provider being disturbed. Analysis shows that the introduction of tracing access credential leakage incurs little additional cost to either data outsourcing or access procedure.

KW - access control

KW - access credential leakage

KW - cloud storage

KW - data privacy

KW - digital forensics

UR - https://www.scopus.com/pages/publications/84906504763

U2 - 10.1007/978-3-319-11203-9_21

DO - 10.1007/978-3-319-11203-9_21

M3 - 会议稿件

AN - SCOPUS:84906504763

SN - 9783319112022

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 362

EP - 379

BT - Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings

PB - Springer Verlag

T2 - 19th European Symposium on Research in Computer Security, ESORICS 2014

Y2 - 7 September 2014 through 11 September 2014

ER -

Deng H, Wu Q, Qin B, Mao J, Liu X, Zhang L 等. Who is touching my cloud. 在 Computer Security, ESORICS 2014 - 19th European Symposium on Research in Compter Security, Proceedings. PART 1 编辑 Springer Verlag. 2014. 页码 362-379. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 1). doi: 10.1007/978-3-319-11203-9_21

Who is touching my cloud

摘要

出版系列

会议

访问文件

其它文件与链接

指纹

引用此