Akademik Veri Yönetim Sistemi
IEEE ACCESS, cilt.9, ss.107347-107359, 2021 (SCI-Expanded)
In this work, we construct a key access management scheme that seamlessly transitions any hierarchical-like access policy to the digital medium. The proposed scheme allows any public cloud system to be used as a private cloud. We consider the data owner an entity consisting of several organization units. We provide a secure method for each user of this entity to access the public cloud from both inside and outside the company's network. The idea of our key access control scheme, which is based on Shamir's secret sharing algorithm and polynomial interpolation method, is suitable especially for hierarchical organizational structures. It offers a secure, flexible, and hierarchical key access mechanism for organizations utilizing mission-critical data. It also minimizes concerns about moving mission-critical data to the public cloud and ensures that only users with sufficient approvals from the same or higher privileged users can access the key by making use of the topological ordering of a directed graph, including self-loop. Main overheads such as public and private storage needs are reduced to a tolerable level, and the key derivation is computationally efficient. From a security perspective, our scheme is both resistant to collaboration attacks and provides key indistinguishability security. Since the key does not need to be held anywhere, the problem of a data breach based on key disclosure risk is also eliminated.