This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Secure Overlay Cloud Storage with Access Control and Assured Deletion
Nov.-Dec. 2012 (vol. 9 no. 6)
pp. 903-916
Yang Tang, The Chinese University of Hong Kong, Hong Kong
Patrick P.C. Lee, The Chinese University of Hong Kong, Hong Kong
John C.S. Lui, The Chinese University of Hong Kong, Hong Kong
Radia Perlman, Intel Labs, Santa Clara
We can now outsource data backups off-site to third-party cloud storage services so as to reduce data management costs. However, we must provide security guarantees for the outsourced data, which is now maintained by third parties. We design and implement FADE, a secure overlay cloud storage system that achieves fine-grained, policy-based access control and file assured deletion. It associates outsourced files with file access policies, and assuredly deletes files to make them unrecoverable to anyone upon revocations of file access policies. To achieve such security goals, FADE is built upon a set of cryptographic key operations that are self-maintained by a quorum of key managers that are independent of third-party clouds. In particular, FADE acts as an overlay system that works seamlessly atop today's cloud storage services. We implement a proof-of-concept prototype of FADE atop Amazon S3, one of today's cloud storage services. We conduct extensive empirical studies, and demonstrate that FADE provides security protection for outsourced data, while introducing only minimal performance and monetary cost overhead. Our work provides insights of how to incorporate value-added security features into today's cloud storage services.
Index Terms:
Cloud computing,Access control,Encryption,Secure storage,Peer to peer computing,cloud storage,Access control,assured deletion,backup/recovery
Citation:
Yang Tang, Patrick P.C. Lee, John C.S. Lui, Radia Perlman, "Secure Overlay Cloud Storage with Access Control and Assured Deletion," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, pp. 903-916, Nov.-Dec. 2012, doi:10.1109/TDSC.2012.49
Usage of this product signifies your acceptance of the Terms of Use.