Cloud Docs: Secure Scalable Document Sharing on Public Clouds

Secure cloud storage solutions such as Trust Store, Sec Cloud, HPI Secure, and Twin Cloud have primarily focused on securing persistent data while storing it in public cloud services. Though data sharing has been recognized as an important security feature, these storage solutions mostly focus on three key properties: confidentiality, integrity and availability. Modern enterprise applications demand data is able to be shared within or across organizations. The challenge is how to securely share data in public clouds without increasing data movement and computation costs. This problem has been addressed in recent times by utilizing or developing new data encryption techniques such as identity-based encryption, attribute-based encryption and proxy-re-encryption. However, these techniques suffer from scalability and flexibility problems when dealing with big data and support for dynamic access control rules. This paper presents a novel architecture and corresponding protocols to provide secure sharing of documents on public cloud services: Cloud Docs. This system uses AES for data encryption to achieve scalability and supports identity based access control rules using private-public key pairs to provide flexibility.