| With abundant network resources,cloud computing provides computing and storage services to cloud users,which breaks the limits of cloud users' local resources.However,a cloud server cannot be fully trusted.In order to protect users' sensitive data against unauthorized access,access control mechanisms are generally deployed in cloud server.However,with the continuous strengthening of collaboration among different entities,some data are not only related to a single data owner,but sometimes involve multiple data owners.For example,some data(e.g.,virus' s DNA library)may undergo multiple rounds of data processing.The first-level owner authorizes some users to access his/her data,and one of the authorized users may combine its own data to further process the data,and then share its processed result,thus this authorized user becomes a second-layer data owner,and so on.Thus,the final data results are relevant to multiple data processors.Therefore,it is necessary that multi-level data owners should jointly determine who can access the final result.If a user only acquired the last owner authorization,it may impair the previous data owners who contributes to the data processing.In particular,we call this scenario Multi-Level Data Processing(MLDP).However,traditional one-to-many access control mechanisms(e.g.,Attribute-based Access Control,etc.)can just prevent unauthorized entities from accessing the private data of a single owner,which is not feasible to be applied into the situations where multiple owners jointly control data access.Exiting multi-party access control(MAPC)mechanisms mainly face the following challenges.First,most MPAC schemes aim at online social networks,which mainly focuses on coordinating access control policies among multiple owners,and are not suitable for multi-party access control in cloud computing.Second,a few multi-party access control schemes for cloud storage only address the problem that multiple owners jointly manage a data record,and their efficiency and security are poor.No work can solve the multi-authorization issue of multi-level data processing results.Third,user revocation in MPAC mechanism is still an open issue.Hence,it is imperative to have a flexible and secure multi-party access control mechanism for MLDP scenarios.To address the above problems,we design an efficient,secure,and flexible MPAC mechanism based on Intel SGX technology to support access control of multi-level data processing result.It consists of three parts: 1)We designed a lightweight SGX-based key management mechanism to support multi-party access control in MLDP,while solving key revocation issue in SGX.2)Based on the key management scheme,we propose a scalable MPAC frame- work that supports secure data processing and multi-party access control of multi-level data processing results,called EMPAC.3)We propose a data protection scheme based on game theory.Undercover polices are set up to punish a cheating behavior of non-root data owners to address the problem of unauthorized data disclosure by a non-root data owner for profit.Moreover,we analyze the security and computational complexity of EMPAC and compare our scheme with the existing MPAC scheme.At the same time,we also carry out system implementation and experimental simulation for evaluating the performance of the designed scheme.The final results show that our scheme is secure and efficient,and with sound scalability.Finally,we simulate the game between a large number of data owners and users,and prove the correctness of the proposed data protection scheme. |
PDF Full Text Request