Skip to content Skip to navigation

Project 3 : System for Scalable Access Control of Encrypted Data in Untrusted Servers

Objectives

  • Create scalable access control system for encrypted data in untrusted servers, which can be practically deployed to support both mobile and non-mobile users (e.g. secure group chat)

 

Existing Solutions and their Limitations

  • Symmetric key/Public key cryoto/hidden URL based solutions: Dropbox, Google Drive; not scalable or not secure
  • Existing solutions based on attributed-based encryption are computationally expensive and expensive in supporting user revocations

 

Outcomes / Deliverables

  • MID-TERM: prototype for access control of encrypted data in group chat system/application
  • FINAL: prototype system for access control of encrypted data supporting mobile devices and efficient user management (including user revocations)

 

Practical Applications and Impact

  • Practical, scalable and secure solutions for encrypted data sharing in the cloud

 

System Architecture/Description

  • Untrusted server: untrusted for keeping data confidential and for enforcing access policies
  • Data owner encrypts data and specifies access policy
  • Data users can access data if their attributes satisfy the access policy

 

Significant Research Achievements

  • We have created a suite of protocols and algorithms for highly efficient decryption and user revocation in attribute-based encryption systems, and have designed and implemented an attribute-based secure messaging system based on our patented technology.

 

Last updated on 09 Jun 2017 .