With the widespread success and adoption of cloud-based solutions, we are witnessing an ever increasing reliance on external providers for storing and managing data. This evolution is greatly facilitated by the availability of solutions - typically based on encryption - ensuring the confidentiality of externally outsourced data against the storing provider itself. Selective application of encryption (i.e., with different keys depending on the authorizations holding on data) provides a convenient approach to access control policy enforcement. Effective realization of such policy-based encryption entails addressing several problems related to key management, access control enforcement, and authorization revocation, while ensuring efficiency of access and deployment with current technology. We present the design and implementation of an approach to realize policy-based encryption for enforcing access control in OpenStack Swift. We also report experimental results evaluating and comparing different implementation choices of our approach.
Access Control Management for Secure Cloud Storage / E. Bacis, S. De Capitani di Vimercati, S. Foresti, S. Paraboschi, M. Rosa, P. Samarati (LECTURE NOTES OF THE INSTITUTE FOR COMPUTER SCIENCES, SOCIAL INFORMATICS AND TELECOMMUNICATIONS ENGINEERING). - In: Security and Privacy in Communication Networks / [a cura di] R. Deng, J. Weng, K. Ren, V. Yegneswaran. - [s.l] : Springer International Publishing, 2017. - ISBN 9783319596075. - pp. 353-372 (( Intervento presentato al 12. convegno EAI International Conference on Security and Privacy in Communication Networks tenutosi a Guangzhou nel 2016.
|Titolo:||Access Control Management for Secure Cloud Storage|
|Settore Scientifico Disciplinare:||Settore INF/01 - Informatica|
|Progetto:||Enforceable Security in the Cloud to Uphold Data Ownership|
ABC GATES FOR EUROPE
|Data di pubblicazione:||2017|
|Enti collegati al convegno:||EAI|
|Digital Object Identifier (DOI):||http://dx.doi.org/10.1007/978-3-319-59608-2_21|
|Tipologia:||Book Part (author)|
|Appare nelle tipologie:||03 - Contributo in volume|