2012 | OriginalPaper | Buchkapitel
CloudSeal: End-to-End Content Protection in Cloud-Based Storage and Delivery Services
verfasst von : Huijun Xiong, Xinwen Zhang, Wei Zhu, Danfeng Yao
Erschienen in: Security and Privacy in Communication Networks
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Recent years have seen the trend to leverage cloud-based services for large scale content storage, processing, and distribution. Security and privacy are among top concerns for public cloud environments. Towards the end-to-end content confidentiality protection, we propose
CloudSeal
, a scheme for securely sharing and distributing data via cloud-based data storage and content delivery services (e.g., Amazon S3 and CloudFront). CloudSeal ensures the confidentiality of content stored in public cloud storage services, by encrypting it before sharing at the cloud. To achieve flexible access control policies, CloudSeal further adopts
k
-out-of-
n
secret sharing and broadcast revocation mechanisms to renew shared secrets, e.g., when a user joins or leaves a content sharing group. Most importantly, CloudSeal leverages proxy re-encryption algorithm to transfer part of stored cipher content in the cloud, which can be decrypted by a valid user with updated secret keys. We achieve this property without modifying most of the encrypted content. This feature is critical for the efficiency of content distribution.