PriGuarder: A Privacy-Aware Access Control Approach Based on Attribute Fuzzy Grouping in Cloud Environments

Data privacy protection is crucial to cloud computing since privacy leakage may prevent users from using cloud services. To ensure data privacy, we propose PriGuarder, a novel privacy-aware access control method. This method spans the three stages of a cloud service, i.e., user registration, data creation, and data access. At each stage, users can choose two modes to interact with the cloud service provider, i.e., direct or indirect. With the indirect mode, an attribute fuzzy grouping scheme is introduced to ensure user identity privacy and attribute privacy in all the three stages. Furthermore, exploiting data encryption and timestamp techniques, new access control protocols are proposed to regulate interactions between users and the cloud service provider. We illustrate the use of our method in the context of Amazon S3. Theoretical analysis and comprehensive simulation experiments have been conducted, which demonstrate the efficacy of PriGuarder.