Fine-Grained Two-Factor Protection Mechanism for Data Sharing in Cloud Storage

Data sharing in cloud storage is receiving substantial attention in information communications technology because it can provide users with efficient and effective storage services. To protect the confidentiality of the shared sensitive data, cryptographic techniques are usually applied. However, the data protection is still posing significant challenges in cloud storage for data sharing. Among them, how to protect and revoke the cryptographic key is the fundamental challenge. To tackle this, we propose a new data protection mechanism for cloud storage, which holds the following properties. First, the cryptographic key is protected by the two factors. Only if one of the two factors works, the secrecy of the cryptographic key is held. Second, the cryptographic key can be revoked efficiently by integrating the proxy re-encryption and key separation techniques. Finally, the data is protected in a fine-grained way by adopting the attribute-based encryption technique. Furthermore, the security analysis and performance evaluation show that our proposal is secure and efficient, respectively.