
Techniques and Challenges for Cryptographic Implementation of Access Control in the Cloud

Posted on: 2019-06-07
Degree: Ph.D
Type: Dissertation
University: Indiana University
Candidate: Shull, Adam
GTID: 1478390017493960
Subject: Computer Science

Abstract/Summary:
The advent of cloud computing makes robust access control both increasingly important and challenging. The traditional approach to access control on the cloud is to use a reference monitor that checks whether a user has permission to access a resource and grants or denies access as appropriate. However, highly-publicized data breaches and disclosures to governments have resulted in cloud storage providers becoming untrusted to protect user data. An increasingly attractive approach is to base access control on cryptographic primitives. My dissertation identifies issues regarding the practicality, security, and expressibility of cryptographic access control techniques, and proposes techniques to resolve them.

First I look at the practicality of using cryptography to enforce dynamic access control on cloud systems. I show how role-based access control (RBAC) can be implemented cryptographically, and then perform experiments on real-world RBAC datasets to determine the overhead required for reading and writing files, as well as increasing and decreasing access. The results show that a large number of revocations can cause this to become impractical.

Next I look at how to improve the efficiency of revocation in cryptographic access control. While public-key proxy re-encryption and ciphertext delegation techniques appear to address this, they provide insufficient security when used with hybrid cryptosystems unless the symmetric key is also changed. For large files, this re-encryption process can be quite costly. I propose a new technique using an all-or-nothing transform on the file that allows for fast re-encryption while still preserving security. I also apply this technique in order to achieve efficient and secure rotation of symmetric keys.

Finally I look at improving the expressibility of cryptographic access control by creating cryptographic implementations of attribute-based access control (ABAC), a more fine-grained access control model than RBAC. I provide several schemes implementing ABAC based on attribute-based encryption, and analyze the strengths and weaknesses of each.

Keywords/Search Tags:Access control, Cryptographic, Techniques, RBAC, Cloud