A secure fine-grained access control mechanism for networked storage systems

Hsiao Ying Lin*, John Kubiatowicz, Wen-Guey Tzeng

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Networked storage systems provide storage services for users over networks. Secure networked storage systems store encrypted data to guarantee data confidentiality. However, using encryption schemes somehow restricts the access control function over stored data. We address the access control function for a secure networked storage system by proposing a fine-grained access control mechanism. In our mechanism, a user can not only read or write data but also grant the reading permissions of a single file or a whole directory of files to others with low cost. Moreover, these functions are supported in a confidential way against honest-but-curious storage servers. Our technical contribution is to propose a hybrid encryption scheme for a typical structure of a file system by integrating a hierarchical proxy re-encryption scheme and a hierarchical key assignment scheme. We measure the computation overhead for reading, writing, and granting operations by experiments. Our experimental results show that getting a finer access control mechanism does not cost much.

Original language: English
Title of host publication: Proceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012
Pages: 225-234
Number of pages: 10
State: Published - 2012
Event: 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012 - Gaithersburg, MD, United States
Duration: 20 Jun 2012 to 22 Jun 2012

Publication series

Name: Proceedings of the 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012

Conference

Conference: 2012 IEEE 6th International Conference on Software Security and Reliability, SERE 2012
Country/Territory: United States
City: Gaithersburg, MD
Period: 20/06/12 to 22/06/12

Keywords

  • Access control mechanism
  • Hybrid encryption
  • Networked storage system
  • Proxy re-encryption
