Skip to main content

Abstract

From the Easyjet recent data breach [1], to the abuse of over than 68 million user accounts in Dropbox [2], to the recent leakage of information belonging to 700 million LinkedIn users’ information [3], we are regularly witnessing a serious problem: the inability for data owners to help themselves in cyber security breaches situations [4].
This presentation first introduces the security issues in cloud storage services and defines the security requirements. Then, Attribute Based Encryption techniques are presented as a solution to return control to data owners over their data stored in cloud storage services [4, 5]. In particular, we discuss the application of several attribute-based techniques to preserve data security and users’ privacy in cloud applications while explaining the challenges faced and the proposed enhancements [6,7,8].
We finish the presentation by an interdisciplinary discussion on the security and privacy challenges in clouds as well as a definition of some relevant research directions [9].

[1] https://www.leighday.co.uk/our-services/group-claims/easyjet-data-breac…
[2] https://www.bbc.com/news/technology-37232635 
[3] https://fortune.com/2021/06/30/linkedin-data-theft-700-million-users-pe…
[4] https://www.securitymagazine.com/articles/96412-40-of-organizations-hav…;
[4] Belguith, Sana, Nesrine Kaaniche, and Mohammad Hammoudeh. "Analysis of attribute‐based cryptographic techniques and their application to protect cloud services." Transactions on Emerging Telecommunications Technologies (2019): e3667.
[5] Cui, Shujie, Sana Belguith, Pramodya De Alwis, Muhammad Rizwan Asghar, and Giovanni Russello. "Collusion defender: preserving subscribers' privacy in publish and subscribe systems." IEEE Transactions on Dependable and Secure Computing (2019).
[6] Belguith, Sana, Nesrine Kaaniche, Maryline Laurent, Abderrazak Jemai, and Rabah Attia. "Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds." Journal of Parallel and Distributed Computing 135 (2020): 1-20. 
[7] Belguith, Sana, Nesrine Kaaniche, and Giovanni Russello. "CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update." Security and Privacy (2019): e85.
[8] Belguith, Sana, Nesrine Kaaniche, Mohammad Hammoudeh, and Tooska Dargahi. "Proud: Verifiable privacy-preserving outsourced attribute based signcryption supporting access policy update for cloud assisted iot applications." Future Generation Computer Systems 111 (2020): 899-918.
[9] Kaaniche, Nesrine, Maryline Laurent, and Sana Belguith. "Privacy enhancing technologies for solving the privacy-personalization paradox: Taxonomy and survey." Journal of Network and Computer Applications 171 (2020): 102807.