Browse > Article
http://dx.doi.org/10.3837/tiis.2014.08.008

A Fast and Secure Scheme for Data Outsourcing in the Cloud  

Liu, Yanjun (Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University)
Wu, Hsiao-Ling (Department of Information Engineering and Computer Science, Feng Chia University)
Chang, Chin-Chen (Department of Computer Science and Information Engineering, Asia University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.8, no.8, 2014 , pp. 2708-2721 More about this Journal
Abstract
Data outsourcing in the cloud (DOC) is a promising solution for data management at the present time, but it could result in the disclosure of outsourced data to unauthorized users. Therefore, protecting the confidentiality of such data has become a very challenging issue. The conventional way to achieve data confidentiality is to encrypt the data via asymmetric or symmetric encryptions before outsourcing. However, this is computationally inefficient because encryption/decryption operations are time-consuming. In recent years, a few DOC schemes based on secret sharing have emerged due to their low computational complexity. However, Dautrich and Ravishankar pointed out that most of them are insecure against certain kinds of collusion attacks. In this paper, we proposed a novel DOC scheme based on Shamir's secret sharing to overcome the security issues of these schemes. Our scheme can allow an authorized data user to recover all data files in a specified subset at once rather than one file at a time as required by other schemes that are based on secret sharing. Our thorough analyses showed that our proposed scheme is secure and that its performance is satisfactory.
Keywords
Data outsourcing; cloud; secret sharing; security; computational complexity;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. Zhou, Y. Mu, W. Susilo, J. Yan and L. Dong, "Privacy enhanced data outsourcing in the cloud," Journal of Network and Computer Applications, vol. 35, no. 4, pp. 1367-1373, 2012.   DOI   ScienceOn
2 C. Wang, N. Cao, K. Ren and W. Lou, "Enabling secure and efficient ranked keyword search over outsourced cloud data," IEEE Transactions on Parallel and Distributed Systems, vol. 23, no. 8, pp. 1467-1479, 2012.   DOI   ScienceOn
3 N. Giweli, S. Shahrestani and H. Cheung, "Enhancing data privacy and access anonymity in cloud computing," Communications of the IBIMA, article in press, 2013,
4 M. A. Hadavi and R. Jalili, "Secure data outsourcing based on threshold secret sharing; towards a more practical solution," in Proc. of Proceedings of the 36th International Conference on Very Large Data Bases, Singapore, pp. 54-59, Sep. 2010.
5 D. Agrawal, A. A. El, F. Emekci, A.Metwally and S. Wang, "Secure data management service on cloud computing infrastructures," Proceedings of Service and Application Design Challenges in the Cloud, pp. 57-80, 2011.
6 X. Tian, C. Sha, X. Wang and A. Zhou, "Privacy preserving query processing on secret share based data storage," in Proc. of Proceedings of the 16th International Conference on Database Systems for Advanced Applications, Hong Kong, China, pp. 108-122, Apr. 2011.
7 L. Harn and C. Lin, "Strong (n, t, n) verifiable secret sharing scheme," Information Sciences, vol. 180, no. 16, pp. 3059-3064, 2010.   DOI   ScienceOn
8 J. L. Dautrich and C. V. Ravishankar, "Security limitations of using secret sharing for data outsourcing," in Proc. of Proceedings of the 26th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, Paris, France, pp. 145-160, Jul. 2012.
9 A. Shamir, "How to share a secret," Communications of the ACM, vol. 22, no. 11, pp. 612-613, 1979.   DOI   ScienceOn
10 G. R. Blakley, "Safeguarding cryptographic keys," Proceedings of American Federation of Information Processing Societies National Computer Conference, New York, USA, vol. 48, pp. 313-317, Nov. 1979.
11 C. Guo and C. C. Chang, "An authenticated group key distribution protocol based on the generalized Chinese remainder theorem," International Journal of Communication Systems, article in press, 2012.
12 L. Harn and C. Lin, "Authenticated group key transfer protocol based on secret sharing," IEEE Transactions on Computers, vol. 59, no. 6, pp. 842-846, 2010.   DOI   ScienceOn
13 Liu Y., L. Harn and C. C. Chang, "An authenticated group key distribution mechanism using theory of numbers," International Journal of Communication Systems, article in press, 2013, DOI: 10.1002/dac.2569.
14 L. Harn, "Group authentication," IEEE Transactions on Computers, vol. 62, no. 9, pp. 1893-1898, 2013.   DOI   ScienceOn
15 Schneier B., Applied cryptography, protocols, algorithms, and source code in C, 2nd Edition, John Wiley and Sons Inc., New York, U.S.A., 1996.
16 M. N. O. Sadiku, S. M. Musa and O. D.Momoh, "Cloud computing: opportunities and challenges," IEEE Potentials, vol. 33, no. 1, pp. 34-36, 2014.   DOI   ScienceOn
17 M. P. Raykova, S.M. Bellovin and H. Zhao, "Privacy enhanced access control for outsourced data sharing," Proceedings of Financial Cryptography and Data Security, Kralendijk, Bonaire, pp. 223-238, Mar. 2012.
18 M. Armbrust, A.Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin and M. Zaharia, "Above the clouds: a berkeley view of cloud computing," University of California, Berkeley, Technical Report No. UCB/EECS-2009-28, Feb. 2009.
19 J. Hur and D. K. Noh, "Attribute-based access control with efficient revocation in data outsourcing systems," IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, 2011.   DOI   ScienceOn
20 Y. Lu and G. Tsudik, "Enhancing data privacy in the cloud," Proceedings of IFIP Advances in Information and Communication Technology, Copenhagen, Denmark, pp. 117-132, 2011. PMCid:PMC3630519