With the popularity of group data exchange in public cloud computing, the privacy and security of shared group data have become two major issues. The cloud provider cannot be treated as a trusted third party because of its semi-trusted nature, and therefore traditional security models cannot be generalized directly to cloud-based group sharing frameworks. In this article, we propose a new secure public-cloud group sharing framework that effectively leverages the help of cloud servers without exposing sensitive data to attackers or to the cloud provider. The framework combines proxy signature, enhanced TGDH and proxy encryption in a single protocol. By applying the proxy signature technique, the group leader can effectively grant the privilege of managing the group to one or more chosen group members. The enhanced TGDH scheme allows the group to negotiate and update group key pairs with the help of cloud servers, and does not require all members of the group to be online at all times. By adopting proxy encryption, most computationally intensive operations can be delegated to cloud servers without revealing any private information. Extensive security and performance analyses show that our proposed scheme is highly efficient and meets the security requirements for secure public cloud-based group sharing.