Secure Data Sharing and Retrieval Using Attribute-Based Encryption in Cloud-Based OSNs

The Online social networks (OSNs) offer attractive means for social interactions and data sharing, but also raise a number of security and privacy issues. Since the OSNs service provider is always semi-trusted, current solutions propose to encrypt data before sharing. However, data encryption causes a lot of inconveniences and large overheads for data dissemination and data retrieval. In this paper, we propose a secure data sharing and retrieval scheme in cloud-based OSNs. Based on ciphertext-policy attribute-based encryption, our scheme achieves multiparty access control, which allows data owners to outsource encrypted data to the OSNs service provider for sharing, and enables data disseminators to disseminate the data owners' data by customizing new access policy. Our scheme also provides searchable encryption scheme to support fast searches in massive amount of encrypted data from both data owners and data disseminators. Further, our scheme preserves the privacy of data owners and data retrievers during the data sharing and retrieval processes. In addition, the computation overhead of data retrievers is reduced by delegating most of the decryption operations to the OSNs service provider. The security and performance analysis results indicate that our scheme is secure and privacy-preserving.