PPAC-CDW: A Privacy-Preserving Access Control Scheme With Fast OLAP Query and Efficient Revocation for Cloud Data Warehouse

Abstract

Read online

Achieving privacy-preserving analytical query with fine-grained access control for cloud-based data warehouse (CDW) through the use of online analytical processing (OLAP) tool is a real challenge. This is because the access control must be enforced differently to multiple users while the OLAP query should be excelled from the encrypted DW and the query results are delivered through the public network. Existing solutions employ encryption solutions to apply on DW. However, they mostly overlooked fine-grained access control enforcement to different users and efficient OLAP query performance when there is a large number of users. In this paper, we proposed a PPAC-CDW scheme, a fine-grained and privacy-preserving access control with efficient query processing for OLAP queries for CDW. Our proposed scheme is based on the integration of ciphertext-policy attribute-based encryption, an extended model of materialized view scheme of MOLAP, and the hybrid cloud system. Our proposed scheme enjoys fast query performance based on encrypted pre-computed cube and our proposed B+Tree model. In addition, we introduced an efficient and traceable user revocation mechanism based on proxy re-encryption and blockchain with optimized cost of ciphertext retrieval. Finally, we conducted experiments demonstrating that our scheme offers more efficient data access performance compared to related works.

Keywords

• Access control
• B+Tree
• cloud computing
• CP-ABE
• data warehouse
• revocation