In this work, we propose a service infrastructure that provides confidentiality of data in the cloud. It enables information sharing with fine-grained access control among multiple tenants based on attribute-based encryption. Compared to the standard approach based on access control lists, our encryption as a service approach allows us to use cheap standard cloud storage in the public cloud and to mitigate a single point of attack. We use hardware security modules to protect long-term secret keys in the cloud. Hardware security modules provide high security but only relatively low performance. Therefore, we use attribute-based encryption with outsourcing to integrate hardware security modules into our micro-service oriented cloud architecture. As a result, we achieve elasticity, high performance, and high security at the same time.
CITATION STYLE
Blömer, J., Günther, P., Krummel, V., & Löken, N. (2018). Attribute-based encryption as a service for access control in large-scale organizations. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10723 LNCS, pp. 3–17). Springer Verlag. https://doi.org/10.1007/978-3-319-75650-9_1
Mendeley helps you to discover research relevant for your work.