A secure data sharing and query processing framework via federation of cloud computing

Bharath Kumar Samanthula, Yousef Elmehdwi, Gerry Howser, Sanjay Madria

Research output: Contribution to journalArticleResearchpeer-review

36 Citations (Scopus)

Abstract

Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party service provider. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme but it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. We also modify our underlying SDS framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a revoked user and the cloud service provider. A comparison of the proposed solution with existing methods is provided in detail. Furthermore, we demonstrate how the existing work can be utilized in our proposed framework to support secure query processing. We provide a detailed security as well as experimental analysis of the proposed framework on Amazon EC2 and highlight its practical value.

Original languageEnglish
Pages (from-to)196-212
Number of pages17
JournalInformation Systems
Volume48
DOIs
StatePublished - 1 Jan 2015

Fingerprint

Query processing
Cloud computing
Cryptography
Outsourcing
Data as a service (DaaS)
Information management
Costs

Keywords

  • Cloud computing
  • Homomorphic encryption
  • Privacy
  • Proxy re-encryption

Cite this

Samanthula, Bharath Kumar ; Elmehdwi, Yousef ; Howser, Gerry ; Madria, Sanjay. / A secure data sharing and query processing framework via federation of cloud computing. In: Information Systems. 2015 ; Vol. 48. pp. 196-212.
@article{dfa551f8bad44d338548d96648009c38,
title = "A secure data sharing and query processing framework via federation of cloud computing",
abstract = "Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party service provider. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme but it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. We also modify our underlying SDS framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a revoked user and the cloud service provider. A comparison of the proposed solution with existing methods is provided in detail. Furthermore, we demonstrate how the existing work can be utilized in our proposed framework to support secure query processing. We provide a detailed security as well as experimental analysis of the proposed framework on Amazon EC2 and highlight its practical value.",
keywords = "Cloud computing, Homomorphic encryption, Privacy, Proxy re-encryption",
author = "Samanthula, {Bharath Kumar} and Yousef Elmehdwi and Gerry Howser and Sanjay Madria",
year = "2015",
month = "1",
day = "1",
doi = "10.1016/j.is.2013.08.004",
language = "English",
volume = "48",
pages = "196--212",
journal = "Information Systems",
issn = "0306-4379",
publisher = "Elsevier Ltd",

}

A secure data sharing and query processing framework via federation of cloud computing. / Samanthula, Bharath Kumar; Elmehdwi, Yousef; Howser, Gerry; Madria, Sanjay.

In: Information Systems, Vol. 48, 01.01.2015, p. 196-212.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A secure data sharing and query processing framework via federation of cloud computing

AU - Samanthula, Bharath Kumar

AU - Elmehdwi, Yousef

AU - Howser, Gerry

AU - Madria, Sanjay

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party service provider. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme but it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. We also modify our underlying SDS framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a revoked user and the cloud service provider. A comparison of the proposed solution with existing methods is provided in detail. Furthermore, we demonstrate how the existing work can be utilized in our proposed framework to support secure query processing. We provide a detailed security as well as experimental analysis of the proposed framework on Amazon EC2 and highlight its practical value.

AB - Due to cost-efficiency and less hands-on management, data owners are outsourcing their data to the cloud which can provide access to the data as a service. However, by outsourcing their data to the cloud, the data owners lose control over their data as the cloud provider becomes a third party service provider. At first, encrypting the data by the owner and then exporting it to the cloud seems to be a good approach. However, there is a potential efficiency problem with the outsourced encrypted data when the data owner revokes some of the users' access privileges. An existing solution to this problem is based on symmetric key encryption scheme but it is not secure when a revoked user rejoins the system with different access privileges to the same data record. In this paper, we propose an efficient and Secure Data Sharing (SDS) framework using homomorphic encryption and proxy re-encryption schemes that prevents the leakage of unauthorized data when a revoked user rejoins the system. We also modify our underlying SDS framework and present a new solution based on the data distribution technique to prevent the information leakage in the case of collusion between a revoked user and the cloud service provider. A comparison of the proposed solution with existing methods is provided in detail. Furthermore, we demonstrate how the existing work can be utilized in our proposed framework to support secure query processing. We provide a detailed security as well as experimental analysis of the proposed framework on Amazon EC2 and highlight its practical value.

KW - Cloud computing

KW - Homomorphic encryption

KW - Privacy

KW - Proxy re-encryption

UR - http://www.scopus.com/inward/record.url?scp=84911874529&partnerID=8YFLogxK

U2 - 10.1016/j.is.2013.08.004

DO - 10.1016/j.is.2013.08.004

M3 - Article

VL - 48

SP - 196

EP - 212

JO - Information Systems

JF - Information Systems

SN - 0306-4379

ER -