EnShare: Sharing Files Securely and Efficiently in the Cloud using Enclave.

As the cloud-based file sharing becomes increasingly popular, it is crucial to protect the outsourced data against unauthorized access. In this paper, we propose EnShare, a secure and practical file sharing system that leverages cooperation of server-side and client-side enclaves to enforce access control, with the former responsible for registration, authentication and access control enforcement and the latter performing file decryption. Such design significantly reduces the computation workload of server-side enclaves, thus capable of handling concurrent requests. Meanwhile, it also supports immediate permission revocation, since the file decryption keys inside the client-side enclaves are destroyed immediately after use. We implement a prototype of EnShare and the evaluation demonstrates it enforces access control securely with high throughput and low latency.