Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds

In this paper, we propose an accountable privacy preserving attribute-based framework, called Ins-PAbAC, that combines attribute based encryption and attribute based signature techniques for securely sharing outsourced data contents via public cloud servers. The proposed framework presents several advantages. First, it provides an encrypted access control feature, enforced at the data owner’s side, while providing the desired expressiveness of access control policies. Second, Ins-PAbAC preserves users’ privacy, relying on an anonymous authentication mechanism, derived from a privacy preserving attribute based signature scheme that hides the users’ identifying information. Furthermore, our proposal introduces an accountable attribute based signature that enables an inspection authority to reveal the identity of the anonymously-authenticated user if needed. Third, Ins-PAbAC is provably secure, as it is resistant to both curious cloud providers and malicious users adversaries. Finally, experimental results, built upon OpenStack Swift testbed, point out the applicability of the proposed scheme in real world scenarios.