ETRI-Knowledge Sharing Plaform



논문 검색
구분 SCI
연도 ~ 키워드


학술지 Authorized Client-side Deduplication Using Access Policy-based Convergent Encryption
Cited 2 time in scopus Download 2 time Share share facebook twitter linkedin kakaostory
윤택영, 장구영, 이경현, 신상욱
Journal of Internet Technology, v.19 no.4, pp.1229-1240
National Dong Hwa University
17ZH1700, 암호화된 데이터베이스에서의 데이터 저장 및 검색을 위한 암호 원천 기술 개발, 장구영
This paper proposes the method to provide efficient use of cloud storage while supporting secure data sharing in the cloud. In order to provide authorized deduplication, we use the convergent encryption scheme and apply an access privilege to generate a convergent key. Because of this, the user without proper privileges will not be able to generate the convergent key and thus cannot access the shared data. To verify the ownership of the file in the client-side deduplication procedure, we also propose a new proofs of ownership protocol based on an existing Merkle Tree-based protocol. Our scheme provides an adequate trade-off between security and storage space efficiency. By executing the deduplication for users with the same privilege, the effect of deduplication can be reduced. However, in view of the data sharing, our approach has as advantage in the sense that only authorized users can access the files encrypted based on privileges allowed to the users. The proposed scheme is very suitable for the hybrid cloud model considering both the data security and the storage efficiency.
KSP 제안 키워드
Access Policy, Access privilege, Authorized users, Convergent encryption, Data security, Encryption Scheme, Hybrid cloud model, Merkle tree, Proofs of ownership, Secure data sharing, Shared data