Achieving Fine-Grained Data Sharing for Hierarchical Organizations in Clouds

Cloud computing has become an increasingly popular option for users to store and share data. Encryption prior to outsourcing data to the cloud is the best way to protect data security and privacy; however, it hinders sharing of the data that was encrypted. In addition, users in many real-world organizations (e.g., enterprises) have multiple level structures and a higher-level user should have the privilege to decide which data can be shared with a lower-level user. Most solutions in the literature suffer from inefficiency or inflexibility in tackling this problem. In this article, we propose a fine-grained hierarchical data sharing (FHDS) scheme in clouds. With FHDS, the data owner can encrypt data with his public key, and then selectively share encrypted data with users in a hierarchy; if necessary, the users can disseminate the owner's data to their subordinates in the lower levels by generating access keys. In particular, the higher-level users could puncture the keys with some tags such that the part of the owner's data which is labeled by the punctured tags will not be accessible to the lower-level users. The proposed scheme is provable secure under our security model and performance analyses show the efficiency of the scheme.