상세정보
학술지
Authorized Client-side Deduplication Using Access Policy-based Convergent Encryption
- 발행일
- 201807
- 출처
- Journal of Internet Technology, v.19 no.4, pp.1229-1240
- ISSN
- 1607-9264
- 출판사
- National Dong Hwa University
- 협약과제
- 17ZH1700, 암호화된 데이터베이스에서의 데이터 저장 및 검색을 위한 암호 원천 기술 개발, 장구영
- 초록
- This paper proposes the method to provide efficient use of cloud storage while supporting secure data sharing in the cloud. In order to provide authorized deduplication, we use the convergent encryption scheme and apply an access privilege to generate a convergent key. Because of this, the user without proper privileges will not be able to generate the convergent key and thus cannot access the shared data. To verify the ownership of the file in the client-side deduplication procedure, we also propose a new proofs of ownership protocol based on an existing Merkle Tree-based protocol. Our scheme provides an adequate trade-off between security and storage space efficiency. By executing the deduplication for users with the same privilege, the effect of deduplication can be reduced. However, in view of the data sharing, our approach has as advantage in the sense that only authorized users can access the files encrypted based on privileges allowed to the users. The proposed scheme is very suitable for the hybrid cloud model considering both the data security and the storage efficiency.
- KSP 제안 키워드
- Access Policy, Access privilege, Authorized users, Convergent encryption, Data security, Encryption Scheme, Hybrid cloud model, Merkle tree, Proofs of ownership, Secure data sharing, Shared data