Cloud storage service provides a new way for user to store and access their files anytime anywhere. It also allows user to share their files or collaborate with other users that is useful to increase the productivity and creativity in the workplace. But this certainly raises the challenge of key management in cloud storage service as the number of encrypted key needed to access the file is increased linearly depending on the number of users have access to it due to public key infrastructure (PKI) as the standard used in the cloud storage service. Access control is also another challenge that needs to be solved by cloud storage service to ensure that only the authorized user can access the files stored in the cloud.
One of the solutions to solve these challenges is attribute-based encryption (ABE). ABE is an encryption type that uses set of descriptive attributes to secure the data with the encrypted data can only be accessed if attributes of the user fulfils the set of attributes of the encrypted data. It provides encrypted hierarchical and role-based access control and file-level security into the file as only the authorized user with the correct attributes can access the file. We leverage ABE for our multi-cloud storage solution of CloudRAID as it provides secure and scalable key and access control management. For each file stored in the cloud it only requires one encrypted key that can be accessed if the user has enough attributes to be authorized to access the file.