Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy Preserving Cloud Data Access With Multi-Authorities Taeho Jung 1, Xiang-Yang Li 1, Zhiguo Wan 2, Meng Wan 3 Illinois Institute of Technology, Chicago.

Published byGregory Neal Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy Preserving Cloud Data Access With Multi-Authorities Taeho Jung 1, Xiang-Yang Li 1, Zhiguo Wan 2, Meng Wan 3 Illinois Institute of Technology, Chicago."— Presentation transcript:

1 Privacy Preserving Cloud Data Access With Multi-Authorities Taeho Jung 1, Xiang-Yang Li 1, Zhiguo Wan 2, Meng Wan 3 Illinois Institute of Technology, Chicago 1 Tsinghua University, Beijing 2 Ministry of Education, Beijing 3

2

3 Image credit EFF website (https://www.eff.org/), StorageNewsletter ( http://www.storagenewsletter.com )https://www.eff.org/ http://www.storagenewsletter.com

4 Say No ! We want privacy !

5 Our concerns in clouds  Data privacy  Data manipulation (delete, create etc) privilege is not properly managed  User profile privacy  User information is disclosed for access control

6 Existing Encryptions  Public key encryption  Identity based encryption  Attribute based encryption Professor OR Ph.D University: IIT Position: Ph.D

7 Attribute Based Encryption (ABE) 2/2 1/3 Ciphertext Professor Ph.D Master I.I.T C.S Department University: Illinois Institute of Technology, Major: Computer Science, Position: Professor University: Illinois Institute of Technology, Major: Computer Science, Position: Professor Secret-Sharing 7 Access Tree ANDOR

8 Attribute Based Encryption (ABE) Data PublisherData Consumer Request key Attribute Authority If I am compromised, the whole system die! Will authority know who I am? File Server upload download

9 Similar Approaches  Chase et al. [TCC’05, CCS’09] Multi-authority ABE  Key-Policy  Overlap-based Matching  Lewko et al. [EUROCRYPT’11] Multi-authority CP-ABE  LSSS-matrix based, conversion from Boolean formula only

10 Our Approach  AnonyControl  Make the attribute authority (key generator) distributed.  Generalize access control to privilege control  Privilege to read, delete, create, modify, etc.  We DON’T implement computable encryption!  Contributions  Each authority knows only part of users’ identity  One authority being compromised does not break the system  Being able to control the data manipulation  Implemented a prototype system

11 Overview of AnonyControl  Core Algorithms Design  Setup  KeyGenerate  Encrypt  Decrypt

12 Algorithm - Setup AA1 AA2 AA3 AA4 Uniform Public Key Joint computation Master Key 1 (secret) Master Key 2 (secret) Master Key 4 (secret) Master Key 3 (secret) Bilinear mapping Next talk

13 Algorithm - Setup AA1 AA2 AA3 AA4

14 Algorithm - Setup AA1 AA2 AA3 AA4

15 Algorithm - KeyGenerate AA1 AA2 AA3 AA4 User’s secret key Joint computation

16 Algorithm - Encrypt ……

17 Algorithm - Decrypt …… Data consumer uses his secret key to recover secret values at each tree’s root node. (secret-sharing)

18 Concerns solved?

19 Further concerns?

20 Prototype System

21 Execution Time for Core Algorithms 21

22 Conclusion Semi-anonymous – only partial attributes are disclosed to single authority Privilege control Tolerate up to N-2 compromise attack 22

23 23 www.iit.edu/~tjung www.cs.iit.edu/~winet/index.html

Download ppt "Privacy Preserving Cloud Data Access With Multi-Authorities Taeho Jung 1, Xiang-Yang Li 1, Zhiguo Wan 2, Meng Wan 3 Illinois Institute of Technology, Chicago."

Similar presentations

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.

Trusted Data Sharing over Untrusted Cloud Storage Provider Gansen Zhao, Chunming Rong, Jin Li, Feng Zhang, and Yong Tang Cloud Computing Technology and.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Attribute-based Encryption

Attribute-based Encryption
Multi-Dimensional Range Query over Encrypted Data Authors: Elaine Shi, Joint work with John Bethencourt, Hubert Chan, Dawn Song, Adrian Perrig Slides originated.

Multi-Dimensional Range Query over Encrypted Data Authors: Elaine Shi, Joint work with John Bethencourt, Hubert Chan, Dawn Song, Adrian Perrig Slides originated.
Russell Martin August 9th, 2013. Contents Introduction to CPABE Bilinear Pairings Group Selection Key Management Key Insulated CPABE Conclusion & Future.

Russell Martin August 9th, Contents Introduction to CPABE Bilinear Pairings Group Selection Key Management Key Insulated CPABE Conclusion & Future.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.
PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.

PRIVACY AND SECURITY ISSUES IN DATA MINING P.h.D. Candidate: Anna Monreale Supervisors Prof. Dino Pedreschi Dott.ssa Fosca Giannotti University of Pisa.
Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University.

Responding to Policies at Runtime in TrustBuilder Bryan Smith, Kent E. Seamons, and Michael D. Jones Computer Science Department Brigham Young University.
2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.

2 Your data is anywhere but not in your control Security breaches are recurrent – Weakest link: hardware, software, technicians, … You may trust the science.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.

S EMINAR A SELF DESTRUCTING DATA SYSTEM BASED ON ACTIVE STORAGE FRAMEWORK ONON P RESENTED BY S HANKAR G ADHVE G UIDED BY P ROF.P RAFUL P ARDHI.
Ragib Hasan Johns Hopkins University en.600.412 Spring 2010 Lecture 7 03/29/2010 Security and Privacy in Cloud Computing.

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 7 03/29/2010 Security and Privacy in Cloud Computing.
A PASS Scheme in Clouding Computing - Protecting Data Privacy by Authentication and Secret Sharing Jyh-haw Yeh Dept. of Computer Science Boise State University.

A PASS Scheme in Clouding Computing - Protecting Data Privacy by Authentication and Secret Sharing Jyh-haw Yeh Dept. of Computer Science Boise State University.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Improving Privacy and Security in Multi- Authority Attribute-Based Encryption Advanced Information Security April 6, 2010 Presenter: Semin Kim.

Improving Privacy and Security in Multi- Authority Attribute-Based Encryption Advanced Information Security April 6, 2010 Presenter: Semin Kim.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
12/13/20051 Egypt Education Service (EES) Capstone Design Mohammed Khalilia Saif Khairat.

12/13/20051 Egypt Education Service (EES) Capstone Design Mohammed Khalilia Saif Khairat.
Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.

Practical Techniques for Searches on Encrypted Data Author: Dawn Xiaodong Song, David Wagner, Adrian Perrig Presenter: 紀銘偉.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

Similar presentations

Ads by Google