| With the widely use of cloud service,people are more likely to outsource data to cloud storage services so as to reduce data management costs.This new computing pattern can improve the efficiency and save the cost, but it also brings more issues about privacy of outsourced data at the same time. The most straightforward approach to protect outsourced data is to apply cryptographic encryption onto sensitive data and then distribute the key only to those authorized users. However, once the key is compromised, it would be a great threat to the privacy of sensitive data. Therefore, a new technique is presented called assured deletion, meaning that the expired or backup data is reliably deleted physically and remain permanently unrecoverable and inaccessible by any party.Data assured deletion is often treated as key management problem to expand the further researcher work. The representative schemes that can be divided into two kinds, the centralized management and the distributed management. The basic idea of the former is to host the key by means of the third party key manager and delete the key after a user specified time, so no one can recover the plaintext data. However, the life cycle of the key is controlled by a trusted third party, which may lead to security risks when the key is leaked or the mechanism is not credible to delete the key On the contrary, the distributed management which stores the shares of the key in a large and public P2 P network by adopting the Distributed Hash Table(DHT) can destroy the key automatically without the participation of any entity. Applying such methods aforementioned, data can be assured deleted by destroying the key. However, the key can be easily obtained by malicious attacks and at the same time if the data or backups stored in the cloud storage haven’t been deleted definitely, which lead to the destruction of data’s confidential in the cloud storage.In the present paper, we introduces a new sheme based on ciphertext sample slice named ADCSS to slove the problems mentioned above. The scheme takes advantages of the CPABE mechanism to meet the requirement of secure share and fine-grained access control. Moreover, it can ensure that cloud only stores the incomplete data by using the idea of ciphertext sample slice. This can also guarantee the top confidentiality of outsourced data even the key is obtained by accident or by malicious attacks. Moreover, the goal ofassured deletion can be achieved by destroying the exact ciphertext. Theoretical analysis and experimental results demonstrate that our scheme proposed in this paper can meet the requirement of the assured deletion of the sensitive data on cloud storage. What’s more, our scheme performs higher security than the existing ones with low performance overhead. |
PDF Full Text Request