Despite the tremendous improvement in technology of networked storage, and the vast improvement in cryptographic techniques, the directly-applicable state-of-the-art cryptographic techniques are rarely used in today's real-life storage systems and research. There exists a wide gap between the recent cryptographic advances and the existing cryptographic techniques used to secure storage systems. This project narrows the gap between the state-of-art cryptographic solutions and the existing storage security solutions as well as continuing to identify and resolve new security problems. In particular, this research provides the following solutions: 1) Security for Minimally Trusted Storage Systems: Securing data on minimally trusted storage is particularly important, because of frequent insider misuse as well as the current trend of outsourced storage services. In this project, new cryptographic mechanisms are provided for temporal access control and secure file sharing. 2) A Secure and Practical Data Sharing System: Relying either on system administrator or on the data users to add a new user in global file system may cause possible misuse of privilege. This project resolves this "dilemma" by splitting the trust between system administrators and data owners and making them co-operatively work together to add users to the system. 3) Symmetric-key role-based access control: This project provides efficient decentralized access control mechanism. For all these project, complete cryptographic analysis as well as implementation on diverse storage platforms are considered. The output of this research will be disseminated to diverse audiences ranging from cryptographers to storage industries.
