Date Added: Nov 2009
Providing secure and efficient access to large scale outsourced data is an important component of cloud computing. In this paper, the authors propose a mechanism to solve this problem in owner-write-users-read applications. They propose to encrypt every data block with a different key so that flexible cryptography-based access control can be achieved. Through the adoption of key derivation methods, the owner needs to maintain only a few secrets. Analysis shows that the key derivation procedure using hash functions will introduce very limited computation overhead. They propose to use over-encryption and/or lazy revocation to prevent revoked users from getting access to updated data blocks.