Skip to main content
main-content
Top

Hint

Swipe to navigate through the chapters of this book

2019 | OriginalPaper | Chapter

Using Blockchain to Control Access to Cloud Data

Authors : Jiale Guo, Wenzhuo Yang, Kwok-Yan Lam, Xun Yi

Published in: Information Security and Cryptology

Publisher: Springer International Publishing

share
SHARE

Abstract

As cloud storage becomes more common, data security is an increasing concern. In this paper, we propose a new approach to control access to the user’s data stored in the cloud with the state-of-the-arts decentralized blockchain technology. In general, an access control solution for cloud data involves three components: authentication, authorization and auditing. It is expensive for the cloud server to ensure authentication, authorization and auditing for access control of the user’s data in cloud computing environment. In addition, it is hard to prevent the malicious cloud server from access to the user’s data and disclose the user’s privacy. Our approach distributes the access control tasks for authentication, authorization and auditing to a network of nodes like bitcoin. In particular, we keep the auditing records in the transparent blockchain. In addition, we employ the Shamir secret sharing scheme to manage the encryption key for cloud users.
Literature
2.
go back to reference Daemen, J., Rijmen, V.: Rijndael, the advanced encryption standard. Dr. Dobb’s J. 26(3), 137–139 (2001) MATH Daemen, J., Rijmen, V.: Rijndael, the advanced encryption standard. Dr. Dobb’s J. 26(3), 137–139 (2001) MATH
3.
go back to reference Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001) CrossRef Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001) CrossRef
6.
go back to reference Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: FairAccess: a new Blockchain-based access control framework for the Internet of Things. Secur. Commun. Netw. 9(18), 5943–5964 (2016) CrossRef Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: FairAccess: a new Blockchain-based access control framework for the Internet of Things. Secur. Commun. Netw. 9(18), 5943–5964 (2016) CrossRef
7.
go back to reference Ouaddah, A., Elkalam, A.A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Rocha, Á., Serrhini, M., Felgueiras, C. (eds.) Europe and MENA Cooperation Advances in Information and Communication Technologies. Advances in Intelligent Systems and Computing, vol. 520, pp. 523–533. Springer, Cham (2017). https://​doi.​org/​10.​1007/​978-3-319-46568-5_​53 CrossRef Ouaddah, A., Elkalam, A.A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Rocha, Á., Serrhini, M., Felgueiras, C. (eds.) Europe and MENA Cooperation Advances in Information and Communication Technologies. Advances in Intelligent Systems and Computing, vol. 520, pp. 523–533. Springer, Cham (2017). https://​doi.​org/​10.​1007/​978-3-319-46568-5_​53 CrossRef
8.
go back to reference National Institute of Standards and Technology (NIST). FIPS 180–2: Secure Hash Standard (SHS), Current version of the Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512) (2004) National Institute of Standards and Technology (NIST). FIPS 180–2: Secure Hash Standard (SHS), Current version of the Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512) (2004)
9.
go back to reference Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32(9), 40–48 (1994) CrossRef Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Commun. Mag. 32(9), 40–48 (1994) CrossRef
12.
go back to reference Swan, M.: Blockchain: Blueprint for a New Economy. O’Reilly Media Inc., Sebastopol (2015) Swan, M.: Blockchain: Blueprint for a New Economy. O’Reilly Media Inc., Sebastopol (2015)
14.
go back to reference Zyskind, G., Nathan, O.: Decentralizing privacy: using blockchain to protect personal data. In: Security and Privacy Workshops (SPW), 2015 IEEE, pp. 180–184. IEEE (2015) Zyskind, G., Nathan, O.: Decentralizing privacy: using blockchain to protect personal data. In: Security and Privacy Workshops (SPW), 2015 IEEE, pp. 180–184. IEEE (2015)
Metadata
Title
Using Blockchain to Control Access to Cloud Data
Authors
Jiale Guo
Wenzhuo Yang
Kwok-Yan Lam
Xun Yi
Copyright Year
2019
DOI
https://doi.org/10.1007/978-3-030-14234-6_15

Premium Partner