• multi-level security;
  • dynamic privileges;
  • cloud computing;
  • data sharing;
  • access control


With the rapid development of cloud computing, more and more enterprises will outsource their sensitive data for sharing in a cloud. Many data sharing and access control schemes have been submitted. However, dynamic privileges among user groups were not considered. In many circumstances, some users may have higher privileges than others, and they can decrypt more contents than those with low privileges. Moreover, the data owner may want to dynamically control the privileges in data sharing. In this paper, we present an efficient framework for data sharing system to achieve dynamic privileges, basing on chameleon hash function and one-way function. With this framework, any data sharing and access control scheme can be turned into a dynamic privileged scheme, in which the data owner can change the group of each user dynamically and change the structure of privileges flexibly when it is needed. The proposed framework requires much less storage than previous schemes in handling dynamic privileges among the users. Copyright © 2013 John Wiley & Sons, Ltd.