Mona: Secure Multi-Owner Data Sharing
for Dynamic Groups in the Cloud
Xuefeng Liu, Yuqing Zhang, Member, IEEE, Boyang Wang, and Jingbo Yan
Abstract—With its low maintenance, cloud computing provides an economical and efficient solution for sharing group
resources among cloud users. Unfortunately, sharing data in a multi-owner manner while preserving data and identity privacy from an
untrusted cloud is still a challenging issue, due to frequent changes in membership. In this paper, we propose a secure
multi-owner data sharing scheme, named Mona, for dynamic groups in the cloud. By leveraging group signature and dynamic broadcast
encryption techniques, any cloud user can anonymously share data with others. Meanwhile, the storage overhead and encryption
computation cost of our scheme are independent of the number of revoked users. In addition, we analyze the security of our scheme
with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.
Index Terms—Cloud computing, data sharing, privacy-preserving, access control, dynamic groups
1 INTRODUCTION
Cloud computing is recognized as an alternative to
traditional information technology [1] due to its
intrinsic resource-sharing and low-maintenance characteristics.
In cloud computing, the cloud service providers
(CSPs), such as Amazon, are able to deliver various services
to cloud users with the help of powerful datacenters. By
migrating the local data management systems into cloud
servers, users can enjoy high-quality services and save
significant investment in their local infrastructure.
One of the most fundamental services offered by cloud
providers is data storage. Let us consider a practical data
application. A company allows its staff in the same group
or department to store and share files in the cloud. By
utilizing the cloud, the staff can be completely released
from the troublesome local data storage and maintenance.
However, it also poses a significant risk to the confidentiality
of those stored files. Specifically, the cloud servers
managed by cloud providers are not fully trusted by users
while the data files stored in the cloud may be sensitive and
confidential, such as business plans. To preserve data
privacy, a basic solution is to encrypt data files, and then
upload the encrypted data into the cloud [2]. Unfortunately,
designing an efficient and secure data sharing scheme for
groups in the cloud is not an easy task due to the following
challenging issues.
First, identity privacy is one of the most significant
obstacles for the wide deployment of cloud computing.
Without the guarantee of identity privacy, users may be
unwilling to join cloud computing systems because their
real identities could be easily disclosed to cloud providers
and attackers. On the other hand, unconditional identity
privacy may lead to abuse of privacy. For example, a
misbehaving staff member can deceive others in the company by
sharing false files without being traceable. Therefore,
traceability, which enables the group manager (e.g., a
company manager) to reveal the real identity of a user, is
also highly desirable.
Second, it is highly recommended that any member in a
group should be able to fully enjoy the data storing and
sharing services provided by the cloud, which is defined as
the multiple-owner manner. Compared with the single-owner
manner [3], where only the group manager can store and
modify data in the cloud, the multiple-owner manner is more
flexible in practical applications. More concretely, each user
in the group is able to not only read data, but also modify his/
her part of data in the entire data file shared by the company.
Last but not least, groups are normally dynamic in
practice, e.g., new staff participation and current employee
revocation in a company. The changes of membership make
secure data sharing extremely difficult. On one hand, the
anonymous system makes it challenging for newly granted users to learn
the content of data files stored before their participation,
because it is impossible for newly granted users to contact
anonymous data owners and obtain the corresponding
decryption keys. On the other hand, an efficient
membership revocation mechanism without updating the
secret keys of the remaining users is also desired to
minimize the complexity of key management.
Several security schemes for data sharing on untrusted
servers have been proposed [4], [5], [6]. In these approaches,
data owners store the encrypted data files in untrusted
storage and distribute the corresponding decryption keys
only to authorized users. Thus, unauthorized users as well
as storage servers cannot learn the content of the data files
because they have no knowledge of the decryption keys.
1182 IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 6, JUNE 2013
• X. Liu, B. Wang, and J. Yan are with the National Key Laboratory of
Integrated Services Networks, Xidian University, No. 2, Taibai Road, Xi'an
city 710071, Shaanxi province, China.
E-mail: {liuxf, bywang, yanjb}@mail.xidian.edu.cn, yanjb@nipc.org.cn.
• Y. Zhang is with the National Computer Network Intrusion Protection
Center, Graduate University of Chinese Academy of Sciences, No. 19,
Yuquan Road, Beijing 100049, China.
E-mail: Zhangyq@gucas.ac.cn, zhangyq@ucas.ac.cn.
Manuscript received 29 Feb. 2012; revised 1 Oct. 2012; accepted 22 Nov.
2012; published online 4 Dec. 2012.
Recommended for acceptance by V.B. Misic, R. Buyya, D. Milojicic, and
Y. Cui.
For information on obtaining reprints of this article, please send e-mail to:
tpds@computer.org, and reference IEEECS Log Number
TPDSSI-2012-02-0167.
Digital Object Identifier no. 10.1109/TPDS.2012.331.
1045-9219/13/$31.00 © 2013 IEEE Published by the IEEE Computer Society