Access Control Enforcement Based on Proxy Re-encryption in Data Outsourcing Environment

Data outsourcing is an emerging paradigm that allows users and companies to give their (potentially sensitive) data to external data storage provider that then become responsible for their storage, management, and dissemination. Although data outsourcing provides many benefits, it introduces new privacy and security concerns. How to protect the outsourcing data privacy when the access control policies are changed dynamically is an important problem. Existing solutions to the problem adopt over-encryption to protect data privacy, it is low efficiency, because every time the users request data from the data storage provider, the data storage provider must encrypt the data with a new key and the users decrypt the data twice. In this paper we present a novel solution to this issue, which based on proxy re-encryption. In the proposed solution, when the users request data from the DSP, the DSP send the cipher text to the users directly without encrypting the data with another second-level key, and the users decrypt the cipher text to get the data with only a new key. Therefore, high efficiency is achieved. We analyze the performance and security of our approach.