Abstract:

Cloud computing's immense potential is acknowledged by people, yet there exists a fundamental distrust in cloud providers' ability to safeguard privacy-sensitive data due to the lack of control users have over their data in the cloud. To address this concern, encrypted data is often outsourced by data owners instead of sharing plaintexts. To facilitate controlled sharing of encrypted files with specific users, Ciphertext-Policy Attribute-based Encryption (CP-ABE) is employed for precise access control that is centered around the data owner. However, this approach has shown vulnerabilities to various attacks, necessitating a more comprehensive security solution. In many existing schemes, cloud providers lack the capability to verify whether a downloader has decryption privileges. Consequently, these files end up being accessible to anyone who can access the cloud storage, raising the risk of malicious entities launching Economic Denial of Sustainability (EDoS) attacks. Such attacks can lead to excessive consumption of cloud resources, with the cost burden falling on the payer of the cloud service. Additionally, the cloud provider functions as both the resource counter and recipient of the consumption fees, lacking transparency to data owners. These issues require resolution to ensure the viability of public cloud storage in real-world scenarios. This study introduces a novel approach aimed at fortifying the security of encrypted cloud storage against EDoS attacks, while simultaneously establishing accountability for resource consumption. The approach leverages CPABE schemes in a manner that maintains the integrity of the data, accommodating arbitrary access policies associated with CP-ABE. To achieve this, we present two distinct protocols tailored for different usage scenarios. A comprehensive analysis of both performance and security aspects accompanies these protocols.

Description:

Cloud storage, combining data owner side, cloud side access, Economic Denial of Sustainability.