Skip to main content
placeholder image

Two-factor data security protection mechanism for cloud storage system

Journal Article


Download full-text (Open Access)

Abstract


  • In this paper, we propose a two-factor data security protection mechanism with factor revocability for cloud storage system. Our system allows a sender to send an encrypted message to a receiver through a cloud storage server. The sender only needs to know the identity of the receiver but no other information (such as its public key or its certificate). The receiver needs to possess two things in order to decrypt the ciphertext. The first thing is his/her secret key stored in the computer. The second thing is a unique

    personal security device which connects to the computer. It is impossible to decrypt the ciphertext without either piece. More importantly, once the security device is stolen or lost, this device is revoked. It cannot be used to decrypt any ciphertext. This can be done by the cloud server which will immediately execute some algorithms to change the existing ciphertext to be un-decryptable by this device. This process is completely transparent to the sender. Furthermore, the cloud server cannot decrypt any ciphertext at any time. The security and efficiency analysis show that our system is not only secure but also practical.

UOW Authors


  •   Liu, Joseph K. (external author)
  •   Liang, Kaitai (external author)
  •   Susilo, Willy
  •   Liu, Jianghua (external author)
  •   Xiang, Yang (external author)

Publication Date


  • 2016

Citation


  • Liu, J. K., Liang, K., Susilo, W., Liu, J. & Xiang, Y. (2016). Two-factor data security protection mechanism for cloud storage system. IEEE Transactions on Computers, 65 (6), 1992-2004.

Scopus Eid


  • 2-s2.0-84969869837

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=6973&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/5944

Has Global Citation Frequency


Number Of Pages


  • 12

Start Page


  • 1992

End Page


  • 2004

Volume


  • 65

Issue


  • 6

Place Of Publication


  • United States

Abstract


  • In this paper, we propose a two-factor data security protection mechanism with factor revocability for cloud storage system. Our system allows a sender to send an encrypted message to a receiver through a cloud storage server. The sender only needs to know the identity of the receiver but no other information (such as its public key or its certificate). The receiver needs to possess two things in order to decrypt the ciphertext. The first thing is his/her secret key stored in the computer. The second thing is a unique

    personal security device which connects to the computer. It is impossible to decrypt the ciphertext without either piece. More importantly, once the security device is stolen or lost, this device is revoked. It cannot be used to decrypt any ciphertext. This can be done by the cloud server which will immediately execute some algorithms to change the existing ciphertext to be un-decryptable by this device. This process is completely transparent to the sender. Furthermore, the cloud server cannot decrypt any ciphertext at any time. The security and efficiency analysis show that our system is not only secure but also practical.

UOW Authors


  •   Liu, Joseph K. (external author)
  •   Liang, Kaitai (external author)
  •   Susilo, Willy
  •   Liu, Jianghua (external author)
  •   Xiang, Yang (external author)

Publication Date


  • 2016

Citation


  • Liu, J. K., Liang, K., Susilo, W., Liu, J. & Xiang, Y. (2016). Two-factor data security protection mechanism for cloud storage system. IEEE Transactions on Computers, 65 (6), 1992-2004.

Scopus Eid


  • 2-s2.0-84969869837

Ro Full-text Url


  • http://ro.uow.edu.au/cgi/viewcontent.cgi?article=6973&context=eispapers

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/5944

Has Global Citation Frequency


Number Of Pages


  • 12

Start Page


  • 1992

End Page


  • 2004

Volume


  • 65

Issue


  • 6

Place Of Publication


  • United States