A Fine-Grained and Lightweight Data Access Control Model for Mobile Cloud Computing

With rapidly increasing adoption of cloud computing and the advancement of today mobile computing, it is inevitable that mobile devices are used to receive and send the data through the mobile cloud platform. This increases the convenience and flexibility of data access over the cloud computing since data users are able to access the shared data anytime, anywhere via mobile devices. However, using mobile devices in accessing shared data in a cloud where the sensitive data is encrypted is not practical because mobile devices have limited computing resources in dealing with heavy cryptographic operations. In this article, we propose a lightweight collaborative ciphertext policy attribute role-based encryption (LW-C-CP-ARBE) scheme to support a fine-grained and lightweight access control for mobile cloud environment. We apply CP-ABE approach as a core cryptographic access control and introduce a new proxy re-encryption (PRE) protocol to reduce data re-encryption and decryption cost for the mobile users. To this end, the overhead in running the cryptographic operation at the end-user device is small. In addition, we develop secure access policy sharing and re-encryption protocol to enable users having write privilege to update the data and request the proxy to perform data re-encryption. Finally, we present the evaluation and experiments to demonstrate the efficiency and practicality of our system.