Speaker
Shasha Zhu
Title
Fuzzy Authorization for Cloud Storage
Abstract
It is widely accepted that Oauth is the most popular authorization scheme adopted and implemented by industrial and academic world, however, it is difficult to adapt Oauth to the situation in which online applications registered with one cloud party intends to access data residing in another cloud party. In this paper, by leveraging Ciphertext-Policy Attribute Based Encryption technique and Elgmal-like mask over the protocol, we propose a reading authorization scheme among diverse clouds, which is called fuzzy authorization, to facilitate an application registered with one cloud party to access to data residing in another cloud party. More importantly, we enable the fuzziness of authorization thus to enhance the scalability and flexibity of file sharing by taking advantage of the innate connections of Linear Secret-Sharing Scheme and Generized Reed Solomon code. Furthermore, by conducting error checking and error correction, we eliminate operation of satisfying a access tree. In addition, the automatic revocation is realized with update of TimeSlot attribute when data owner modifies the data. We prove the security of our schemes under the selective-attribute security model. The protocol flow of fuzzy authorization is implemented with OMNET++ 4.2.2 and the bilinear pairing is realized with PBC library. Simulation results show that our scheme can achieve fuzzy authorization among heterogeneous clouds with security and efficiency.
Supervisors
Professors Guang Gong and Bosco Leung