Privacy Enhanced Access Control for Outsourced Data Sharing
Traditional access control models often assume that the entity enforcing access control policies is also the owner of data and re-sources. This assumption no longer holds when data is outsourced to a third-party storage provider, such as the cloud. Existing access control solutions mainly focus on preserving confidentiality of stored data from unauthorized access and the storage provider. However, in this setting, access control policies as well as users' access patterns also become privacy sensitive information that should be protected from the cloud.