Authorized convergent encryption for
client-side deduplication Taek-Young
Youn1, Ku-Young Chang1,
Kyung Hyune Rhee2, and Sang Uk
Shin2+ 1Electronics
and Telecommunications Research Institute (ETRI), Daejeon, Republic of Korea {taekyoung, jang1090}@etri.re.kr 2Electronics
Dept. of IT Convergence and Application Engineering, Pukyong
National University, Busan, Republic of Korea {khrhee, shinsu}@pknu.ac.kr
Abstract This paper proposes the method to provide efficient
use of cloud storage while supporting secure data sharing in the cloud. In
order to provide deduplication, we use the convergent encryption scheme and apply
an access privilege to generate a convergent key. Because of this, the user
without proper privileges will not able to generate a convergent key and thus
can’t access the shared data. The proposed method provides an adequate
trade-off between security and storage space efficiency. By executing the
deduplication for users with the same privilege, the effect of deduplication
can be reduced, but in view of the data sharing, there is the advantage that
only authorized users can access by uploading the encrypted file with the
privilege information. The proposed scheme seems to be very suitable for the
hybrid cloud model considering both the data security and the storage
efficiency. Keywords: Convergent Encryption, Client-side
Deduplication, Cloud Computing, Access Privilege. +: Corresponding author: Sang Uk
Shin Nam-Gu. Busan, Republic of Korea, Tel: +82-51-629-6249 IT Convergence Practice (INPRA), Vol. 4, No. 2, pp. 9-17, June 2016 [pdf] |