Attribute-Based Encryption as a Service for Access Control in Large-Scale Organizations [chapter]

Johannes Blömer, Peter Günther, Volker Krummel, Nils Löken
2018 Lecture Notes in Computer Science  
In this work, we propose a service infrastructure that provides confidentiality of data in the cloud. It enables information sharing with fine-grained access control among multiple tenants based on attributebased encryption. Compared to the standard approach based on access control lists, our encryption as a service approach allows us to use cheap standard cloud storage in the public cloud and to mitigate a single point of attack. We use hardware security modules to protect long-term secret
more » ... in the cloud. Hardware security modules provide high security but only relatively low performance. Therefore, we use attribute-based encryption with outsourcing to integrate hardware security modules into our micro-service oriented cloud architecture. As a result, we achieve elasticity, high performance, and high security at the same time.
doi:10.1007/978-3-319-75650-9_1 fatcat:ldxf53pfjfhpdmua6kxqo4hbyi