Protecting Data in the Cloud: An Assessment of Practical Digital Envelopes from Attribute based Encryption

Víctor J. Sosa-Sosa, Miguel Morales-Sandoval, Oscar Telles-Hurtado, José Luis González-Compeán

Abstract

Cloud storage services provide users with an effective and inexpensive mechanism to store and manage big data with anytime and anywhere availability. However, data owners face the risk of losing control over their data, which could be accessed by third non-authorized parties including the provider itself. Although conventional encryption could avoid data snooping, an access control problem arises and the data owner must implement the security mechanisms to store, manage and distribute the decryption keys. This paper presents a qualitative and quantitative evaluation of two Java implementations of security schemes called DET-ABE and AES4SeC. Both are based on the digital envelope technique and attribute based encryption, a non-conventional cryptography that ensures confidentiality and access control security services. The experimental evaluation was performed in a private cloud infrastructure where experiments for both implementations ran using the same platform, settings, underlying libraries, thus providing a more fair comparison. The quantitative evaluation revealed DET-ABE and AES4SeC have similar performance when applying low security levels (128-bit keys), whereas DET-ABE surpasses AES4SeC performance when medium (192-bit keys) and high (256-bit keys) security levels are required. Qualitative evaluation shows that AES4SeC also ensures authentication and integrity services, which are not supported by DET-ABE.

Download


Paper Citation


in Harvard Style

Sosa-Sosa V., Morales-Sandoval M., Telles-Hurtado O. and González-Compeán J. (2017). Protecting Data in the Cloud: An Assessment of Practical Digital Envelopes from Attribute based Encryption . In - KDCloudApps, ISBN , pages 0-0. DOI: 10.5220/0006484603820390


in Bibtex Style

@conference{kdcloudapps17,
author={Víctor J. Sosa-Sosa and Miguel Morales-Sandoval and Oscar Telles-Hurtado and José Luis González-Compeán},
title={Protecting Data in the Cloud: An Assessment of Practical Digital Envelopes from Attribute based Encryption},
booktitle={ - KDCloudApps,},
year={2017},
pages={},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006484603820390},
isbn={},
}


in EndNote Style

TY - CONF
JO - - KDCloudApps,
TI - Protecting Data in the Cloud: An Assessment of Practical Digital Envelopes from Attribute based Encryption
SN -
AU - Sosa-Sosa V.
AU - Morales-Sandoval M.
AU - Telles-Hurtado O.
AU - González-Compeán J.
PY - 2017
SP - 0
EP - 0
DO - 10.5220/0006484603820390