Flexible Access Control over Privacy-Preserving Cloud Data Processing

Cloud computing provides an efficient and convenient platform for cloud users to store, process, and control their data (such as cybersecurity education-related data). Cloud overcomes the bottlenecks of resource-constrained devices and greatly releases storage and computing burdens on users. However, due to the lack of full trust in cloud service providers, cloud users generally prefer to outsource their sensitive data in an encrypted form, which seriously complicates data processing, analysis, as well as access control. Homomorphic encryption (HE) as a single key system cannot flexibly control data sharing and access after encrypted data processing. How to realize various computations over encrypted data in an efficient way and at the same time flexibly control the access to data processing results has been an important challenging issue. In this chapter, we propose a privacy-preserving data processing system to support several basic operations over outsourced encrypted data under the cooperation of a data service provider (DSP) and a computation party (CP). In addition, attribute-based encryption (ABE) is also applied to support flexible access control of processing results of encrypted data. Our schemes provide an efficient measure for secure data analytics to preserve the privacy of sensitive course data, e.g., course feedback, survey inputs, examination statistical data, exercises about security-related data for intrusion/malware detection and integrated personal data processing, etc. All of them can be applied into the education of cybersecurity.