Data Security In Cloud Computing
Cloud computing sees a technical and cultural shift of computing service provision from being provided locally to being provided remotely, and en masse, by third-party service providers. Data that was once housed under the security domain of the service user has now been placed under the protection of the service provider. Users have lost control over the protection of their data: No longer is our data kept under our own watchful eyes. This thesis investigates how Predicate Based Encryption (PBE) could be leveraged within the Cloud to protect data. PBE is a novel family of asymmetric encryption schemes in which decryption of ciphertext is dependent upon a set of attributes satisfying a certain predicate, allowing for selective fine-grained access control to be specified over ciphertexts. It is argued that obfuscation of one's data is not enough when seeking to protect data. The control of how one's data is used and the trust afforded to service providers is equally as important. To this end, three archetypal scenarios are described that illustrate ways in which service users could specify precisely with whom they wish to share their data, for what purpose, and for how long. Furthermore, two additional scenarios are presented that would allow a service provider to facilitate keyword search over encrypted data using expressive queries supporting conjunction and disjunction of terms.