Project 3 : System for Scalable Access Control of Encrypted Data in Untrusted Servers


  • Create scalable access control system for encrypted data in untrusted servers, which can be practically deployed to support both mobile and non-mobile users (e.g. secure group chat)


Existing Solutions and their Limitations

  • Symmetric key/Public key cryoto/hidden URL based solutions: Dropbox, Google Drive; not scalable or not secure
  • Existing solutions based on attributed-based encryption are computationally expensive and expensive in supporting user revocations


Outcomes / Deliverables

  • MID-TERM: prototype for access control of encrypted data in group chat system/application
  • FINAL: prototype system for access control of encrypted data supporting mobile devices and efficient user management (including user revocations)


Practical Applications and Impact

  • Practical, scalable and secure solutions for encrypted data sharing in the cloud


System Architecture/Description

  • Untrusted server: untrusted for keeping data confidential and for enforcing access policies
  • Data owner encrypts data and specifies access policy
  • Data users can access data if their attributes satisfy the access policy


Significant Research Achievements

  • We have created a suite of protocols and algorithms for highly efficient decryption and user revocation in attribute-based encryption systems, and have designed and implemented an attribute-based secure cloud storage system based on our patented technology.



Keep up to date with what's happening at the Singapore Management University

Newsletter checkboxes