Secure Cloud Storage with a Sanitizable Access Control System that Protects Against Malicious Data Producers

Abstract

Due to its widespread adoption in the IT industry, cloud computing is the potential to lower hardware and software costs. While sharing data through cloud storage seems straightforward, the assumption that the cloud provider can be fully trusted to protect sensitive information is unrealistic. Encryption is necessary to ensure data security, storing shared data as ciphertext with appropriate access controls. However, existing literature fails to address the challenges posed by malicious data publishers who may intentionally violate sharing rules. The current protection mechanisms only allow authorized recipients to decode the contents, but those without the proper keys or unauthorised users can nevertheless decrypt ciphertexts. Harmful data publishers' involvement poses a threat to corporate intellectual property. Therefore, addressing this issue and developing a robust strategy to handle hostile data publishers remains a challenging research problem. This study introduces a new field of inquiry by defining the q-Parallel Bilinear Diffie-Hellman Exponent Assumption as the foundation for the threat model, formal security model, and design strategy. The proposed construction is supported by performance analysis and security proofs, offering a solution for secure cloud storage implementation. Despite the study's significance, further investigation in this area is warranted, as it opens avenues for future research.