Privacy Enhanced Access Control for Outsourced Data Sharing
joint work with Hang Zhao, Steven Bellovin

Motivation: Traditional access control models often assume that the entity enforcing access control policies is also the owner of the data and resources. This assumption no longer holds when the data is outsourced to a third-party storage provider such as the cloud. Existing access control solutions for outsourced storage mainly focus on preserving the confidentiality of the stored data from unauthorized users and from the storage provider itself. When the storage service is also used to share data among its users, however, the access control policies and the users' access patterns become privacy-sensitive information in their own right and should likewise be protected from the cloud. Is there a mechanism that would allow the cloud to enforce access control for data sharing between its users in an oblivious manner, that is, while still offering a level of protection for the privacy of the access control rules and of the data accesses of different users?

Results: We propose a two-level access control scheme that combines coarse-grained access control enforced at the cloud with fine-grained cryptographic access control enforced at the user's side. The coarse-grained level keeps the communication overhead acceptable and at the same time limits what the cloud learns from its partial view of the access rules and the access patterns; the fine-grained level provides the desired expressiveness of the access control policies. Our solution handles both read and write access control. The idea of our approach is to divide the data stored at the cloud into access blocks. These access blocks constitute the coarse-grained view of the stored data: the cloud provider is presented with this view and enforces access control at this granularity. It is able to match an authorized request to the access block that contains the requested file. Upon a read request the cloud returns the content of the entire matching block to the user, so it does not learn which file within the block was actually wanted. Upon a write request it accepts only authorized updates for some content of that block and obliviously matches them to the corresponding files. At the fine-grained level, each access block consists of files owned by a single owner. Each data owner is responsible for distributing his files into blocks and defines fine-grained access control policies that specify users' access rights to individual files. Access control at the fine-grained level is enforced obliviously with respect to the cloud through the encryption of the files within an access block and appropriate key distribution among the users that access each block.



  • Privacy Enhanced Access Control for Outsourced Data Sharing Paper, Financial Cryptography 2012