Fine-Grained and Controllably Editable Data Sharing With Accountability in Cloud Storage

With the increasing cloud storage service, users can enjoy non-interactive data sharing. Nonetheless, the data owner cannot timely update the shared data all the while. To ensure the timeliness and the authoritative source of the data, some users should be allowed to update the data on behalf of an authoritative data owner without changing data source. However, this allows harmful information to be injected into the data unnoticeably. How to efficiently realize editable cloud-based data sharing supporting malicious user tracing has not been fully explored. To address the problem, we propose a fine-grained and controllably editable cloud-based data sharing scheme with malicious user accountability. The data owner only needs to sign the shared data before uploading it and can specify a fine-grained access control policy about who can update the data and which portions of the data can be updated. The authorized users non-interactively convert signatures of original data into new ones for the updated data, which are indistinguishable from the original signatures. The proposed scheme also supports malicious user accountability in the sense that malicious users who post harmful information can be traced. We demonstrate the security and practicality of our scheme via formal security analysis and extensive experiments.