Cargando…

ABEBox: end-to-end encryption for file sharing cloud services

<!--HTML-->Besides providing data sharing, commercial cloud-based file-sharing services (e.g., Dropbox) also enforce access control, i.e. permit users to decide who can access which data. In this work, we advocate the separation between the sharing of data and the access control function. We...

Descripción completa

Detalles Bibliográficos
Autor principal: Bracciale, Lorenzo
Lenguaje:eng
Publicado: 2022
Materias:
Acceso en línea:http://cds.cern.ch/record/2801621
_version_ 1780972707696869376
author Bracciale, Lorenzo
author_facet Bracciale, Lorenzo
author_sort Bracciale, Lorenzo
collection CERN
description <!--HTML-->Besides providing data sharing, commercial cloud-based file-sharing services (e.g., Dropbox) also enforce access control, i.e. permit users to decide who can access which data. In this work, we advocate the separation between the sharing of data and the access control function. We specifically promote an overlay approach that provides end-to-end encryption and empowers the end users with the possibility to enforce access control policies without involving the cloud provider itself. To this end, our proposal, named ABEBox, relies on Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for custom policy definition and key management. Using CP-ABE, users can encrypt and share files and folders with others without the need of handling also the sharing of the related cryptographic keys for all the resources to be shared, thus implementing a flexible many-to-many end-to-end encryption which perfectly fits the need of adding privacy to a file sharing service. We developed a multi-platform client which seamlessly performs data encryption/decryption on top of any arbitrary cloud storage provider and takes care of the key management. The project has been funded by the GÉANT Innovation Programme and with support from the European Commission under European Project BPR4GDPR under grant agreement No.787149.
id cern-2801621
institution Organización Europea para la Investigación Nuclear
language eng
publishDate 2022
record_format invenio
spelling cern-28016212022-11-02T22:04:04Zhttp://cds.cern.ch/record/2801621engBracciale, LorenzoABEBox: end-to-end encryption for file sharing cloud servicesCS3 2022 - Cloud Storage Synchronization and SharingHEP Computing<!--HTML-->Besides providing data sharing, commercial cloud-based file-sharing services (e.g., Dropbox) also enforce access control, i.e. permit users to decide who can access which data. In this work, we advocate the separation between the sharing of data and the access control function. We specifically promote an overlay approach that provides end-to-end encryption and empowers the end users with the possibility to enforce access control policies without involving the cloud provider itself. To this end, our proposal, named ABEBox, relies on Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for custom policy definition and key management. Using CP-ABE, users can encrypt and share files and folders with others without the need of handling also the sharing of the related cryptographic keys for all the resources to be shared, thus implementing a flexible many-to-many end-to-end encryption which perfectly fits the need of adding privacy to a file sharing service. We developed a multi-platform client which seamlessly performs data encryption/decryption on top of any arbitrary cloud storage provider and takes care of the key management. The project has been funded by the GÉANT Innovation Programme and with support from the European Commission under European Project BPR4GDPR under grant agreement No.787149.oai:cds.cern.ch:28016212022
spellingShingle HEP Computing
Bracciale, Lorenzo
ABEBox: end-to-end encryption for file sharing cloud services
title ABEBox: end-to-end encryption for file sharing cloud services
title_full ABEBox: end-to-end encryption for file sharing cloud services
title_fullStr ABEBox: end-to-end encryption for file sharing cloud services
title_full_unstemmed ABEBox: end-to-end encryption for file sharing cloud services
title_short ABEBox: end-to-end encryption for file sharing cloud services
title_sort abebox: end-to-end encryption for file sharing cloud services
topic HEP Computing
url http://cds.cern.ch/record/2801621
work_keys_str_mv AT braccialelorenzo abeboxendtoendencryptionforfilesharingcloudservices
AT braccialelorenzo cs32022cloudstoragesynchronizationandsharing