Secure data sharing scheme with privacy-preserving and certificateless integrity auditing in cloud storage

Abstract

With cloud storage services becoming wildspread and low-cost, individuals and organizations select outsourcing large amounts of document to cloud. Cloud storage applications provide data sharing services with varying functionality. In some cloud storage systems that provide data sharing, such as e-health systems, hiding sensitive information fields is a necessity. Meanwhile, in sharing process, unauthorized entities may have access to these privacy fields. The resource-constrained computation capability for data owner (DO) is universal. To tackle above problems, we propose a sanitizer-based secure data sharing scheme where sanitizer performs most computations of encryption and signature after receiving the partially blinded data from DO. It also checks the legitimacy of visitors before CSP returns stored data file. Besides, adopting an attribute-based access policy guarantees further privacy and fine-grained access authorization. After verification, cloud will return the required data to the legitimate visitors. Moreover, integrity auditing to shared data file is based on certificateless authentication technique, which removes certificates issue of traditional cryptographic technique, avoids key-escrow attack risk caused by identity-based cryptography. Finally, the performance analysis and experimental results show that our proposed scheme is competitive in practical applications since it reduces the authenticator generation overhead by up to 21.6% and proof generation overhead by up to 12% compared with related schemes.