3LSAA: A Secure And Privacy-preserving Zero-knowledge-based Data-sharing Approach Under An Untrusted Environment

TL;DR

The paper introduces 3LSAA, a cryptography-based data-sharing protocol that ensures privacy, security, and access control in untrusted cloud environments, enhancing usability and data sovereignty.

Contribution

It presents a novel 3-layer cryptographic scheme combining SSE, ABE, and AES to enable secure, privacy-preserving data sharing with automatic access control in untrusted settings.

Findings

Provides automatic access control management

Ensures data self-sovereignty and privacy

Improves system usability and key recovery

Abstract

As data collection and analysis become critical functions for many cloud applications, proper data sharing with approved parties is required. However, the traditional data sharing scheme through centralized data escrow servers may sacrifice owners' privacy and is weak in security. Mainly, the servers physically own all data while the original data owners have only virtual ownership and lose actual access control. Therefore, we propose a 3-layer SSE-ABE-AES (3LSAA) cryptography-based privacy-protected data-sharing protocol based on the assumption that servers are honest-but-curious. The 3LSAA protocol realizes automatic access control management and convenient file search even if the server is not trustable. Besides achieving data self-sovereignty, our approach also improves system usability, eliminates the defects in the traditional SSE and ABE approaches, and provides a local AES key recovery method for user's availability.