SeDaSC: Secure Data Sharing in Clouds

Ali, M; Dhamotharan, R; Khan, E; Khan, SU; Vasilakos, AV; Li, K; Zomaya, AY

SeDaSC: Secure Data Sharing in Clouds

Ali, M Dhamotharan, R Khan, E Khan, SU Vasilakos, AV Li, K Zomaya, AY

Permalink

Publisher:: Institute of Electrical and Electronics Engineers
Publication Type:: Journal Article
Citation:: IEEE Systems Journal, 2017, 11, (2), pp. 395-404
Issue Date:: 2017-06-01

Closed Access

	Filename	Description	Size
	SeDaSC_Secure_Data_Sharing_in_Clouds.pdf		871.37 kB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Ali, M
dc.contributor.author	Dhamotharan, R
dc.contributor.author	Khan, E
dc.contributor.author	Khan, SU
dc.contributor.author	Vasilakos, AV
dc.contributor.author	Li, K
dc.contributor.author	Zomaya, AY
dc.date.accessioned	2022-08-23T04:14:14Z
dc.date.available	2022-08-23T04:14:14Z
dc.date.issued	2017-06-01
dc.identifier.citation	IEEE Systems Journal, 2017, 11, (2), pp. 395-404
dc.identifier.issn	1932-8184
dc.identifier.issn	1937-9234
dc.identifier.uri	http://hdl.handle.net/10453/160731
dc.description.abstract	Cloud storage is an application of clouds that liberates organizations from establishing in-house data storage systems. However, cloud storage gives rise to security concerns. In case of group-shared data, the data face both cloud-specific and conventional insider threats. Secure data sharing among a group that counters insider threats of legitimate yet malicious users is an important research issue. In this paper, we propose the Secure Data Sharing in Clouds (SeDaSC) methodology that provides: 1) data confidentiality and integrity; 2) access control; 3) data sharing (forwarding) without using compute-intensive reencryption; 4) insider threat security; and 5) forward and backward access control. The SeDaSC methodology encrypts a file with a single encryption key. Two different key shares for each of the users are generated, with the user only getting one share. The possession of a single share of a key allows the SeDaSC methodology to counter the insider threats. The other key share is stored by a trusted third party, which is called the cryptographic server. The SeDaSC methodology is applicable to conventional and mobile cloud computing environments. We implement a working prototype of the SeDaSC methodology and evaluate its performance based on the time consumed during various operations. We formally verify the working of SeDaSC by using high-level Petri nets, the Satisfiability Modulo Theories Library, and a Z3 solver. The results proved to be encouraging and show that SeDaSC has the potential to be effectively used for secure data sharing in the cloud.
dc.language	English
dc.publisher	Institute of Electrical and Electronics Engineers
dc.relation.ispartof	IEEE Systems Journal
dc.relation.isbasedon	10.1109/JSYST.2014.2379646
dc.rights	info:eu-repo/semantics/closedAccess
dc.subject	0906 Electrical and Electronic Engineering
dc.subject.classification	Operations Research
dc.title	SeDaSC: Secure Data Sharing in Clouds
dc.type	Journal Article
utslib.citation.volume	11
utslib.for	0906 Electrical and Electronic Engineering
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Electrical and Data Engineering
utslib.copyright.status	closed_access	*
pubs.consider-herdc	false
dc.date.updated	2022-08-23T04:14:13Z
pubs.issue	2
pubs.publication-status	Published
pubs.volume	11
utslib.citation.issue	2

Abstract:

Cloud storage is an application of clouds that liberates organizations from establishing in-house data storage systems. However, cloud storage gives rise to security concerns. In case of group-shared data, the data face both cloud-specific and conventional insider threats. Secure data sharing among a group that counters insider threats of legitimate yet malicious users is an important research issue. In this paper, we propose the Secure Data Sharing in Clouds (SeDaSC) methodology that provides: 1) data confidentiality and integrity; 2) access control; 3) data sharing (forwarding) without using compute-intensive reencryption; 4) insider threat security; and 5) forward and backward access control. The SeDaSC methodology encrypts a file with a single encryption key. Two different key shares for each of the users are generated, with the user only getting one share. The possession of a single share of a key allows the SeDaSC methodology to counter the insider threats. The other key share is stored by a trusted third party, which is called the cryptographic server. The SeDaSC methodology is applicable to conventional and mobile cloud computing environments. We implement a working prototype of the SeDaSC methodology and evaluate its performance based on the time consumed during various operations. We formally verify the working of SeDaSC by using high-level Petri nets, the Satisfiability Modulo Theories Library, and a Z3 solver. The results proved to be encouraging and show that SeDaSC has the potential to be effectively used for secure data sharing in the cloud.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/160731