Attribute-Based Access Control Schemes in Cloud: Performance and Research Directions

Abstract

Disclosure of sensitive data leads to identity theft and violation of privacy. The untrusted cloud service provider (CSP) may try to disclose/misuse the data. It is necessary to provide access control and security over the outsourced and shared data to hide it from the CSP and unauthorized users. Traditional access control schemes are prone to security threats in the cloud environment. Attribute-based access control schemes (ABAC) are well suited for the cloud environment. Attribute-based encryption (ABE) is a promising cryptographic solution to provide fine-grained access control over the shared data. It selectively shares the data among the users and hides data from the CSP and unauthorized users. It preserves the privacy of users and the security of data being shared. Users can decrypt the data only if their attributes are satisfied with the access policy associated in the ciphertext. This paper presents a comprehensive survey of the ABE schemes. Taxonomy, performance comparison, and applications of ABE schemes are dealt with. The taxonomy and performance comparison help the selection of the most suitable ABE scheme based on specific usage scenarios. Thus, the survey opens up very interesting avenues for further research in this area, which are also discussed.