Abstract
This paper addresses the requirement in proxy re-encryption schemes that the data owner be always online to issue re-encryption keys. We extend and adapt multi-authority ciphertext-policy attribute-based encryption techniques to type-based proxy re-encryption to build our solution. As a result, user authentication and user authorization are moved to the cloud server, which does not require further interaction with the data owner; the identities of the data owner and the data users are hidden from the cloud server; and re-encryption keys are issued only to legitimate users. An in-depth analysis shows that our scheme is secure, flexible and efficient for mobile cloud computing.
Introduction
Mobile cloud computing enables mobile devices to perform heavy, resource-demanding tasks thanks to the availability of cloud-based resources through heterogeneous wireless networks. An exhaustive description of the mobile cloud computing (MCC) architecture can be found in [1]. As mobile devices are increasingly used to store and process personal and corporate data [2], there are growing concerns regarding the privacy and confidentiality of sensitive data, since the device can be stolen, compromised or hacked. Moreover, applications running on the mobile device should consume the least possible amount of energy. Therefore, any security solution designed for mobile cloud data storage should be friendly to the mobile device's resources. The main drawback of outsourcing data to the cloud is that sensitive data can be accessed by a breached cloud service provider (CSP), as well as by unauthorized users, leading to a confidentiality breach. Encryption has been proposed as a solution to secure data. However, only a limited number of operations can be performed on encrypted data, one operation of interest being search over encrypted cloud data, as described in [3]. Requiring the user to download all the encrypted data locally before attempting decryption incurs many inconveniences, among them a high data transmission overhead and, due to the pay-as-you-go principle of cloud computing, high financial expenditure. Such a scheme additionally poses a problem of user authentication and authorization, as arbitrary ciphertexts from different data owners can be accessed directly by any user without any prior authorization mechanism.