Formal analysis of a private access control protocol to a cloud storage - Archive ouverte HAL Accéder directement au contenu
Article Dans Une Revue International Journal of Innovative Computing and Applications Année : 2018

Formal analysis of a private access control protocol to a cloud storage

Résumé

Cloud storage provides an attractive solution for many organizations and enterprises due to its features such as scalability, availability and reduced costs. However, storing data in the cloud is challenging if we want to ensure data security and user privacy. To address these security issues cryptographic protocols are usually used. Such protocols rely on cryptographic primitives which have to guarantee some security properties such that data and user privacy or authentication. Attribute-Based Signature (ABS) and Attribute-Based Encryption (ABE) are very adapted for storing data on an untrusted remote entity. In this work, we enhance the security of cloud storage systems through a formal analysis of a cloud storage protocol based on ABS and ABE schemes. We clarify several ambiguities in the design of this protocol and model the protocol and its security properties with ProVerif an automatic tool for the verification of cryptographic protocols. We discover an unknown attack against user privacy in the Ruj et al. protocol. We propose a correction, and automatically prove the security of the corrected protocol with ProVerif.
Fichier principal
Vignette du fichier
jmain2c.pdf (399.61 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01990336 , version 1 (23-01-2019)

Identifiants

Citer

Mouhebeddine Berrima, Pascal Lafourcade, Matthieu Giraud, Narjes Ben Rajeb. Formal analysis of a private access control protocol to a cloud storage. International Journal of Innovative Computing and Applications, 2018, 9 (3), pp.150-164. ⟨10.1504/IJICA.2018.093733⟩. ⟨hal-01990336⟩
115 Consultations
198 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More