Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing

Cited by: 0
Authors
Zhang J. [1]
Ma J. [1]
Ma Z. [1]
Li T. [1]
Affiliation
[1] School of Cyber Engineering, Xidian University, Xi'an
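Source
Tongxin Xuebao/Journal on Communications | 2021 / Vol. 42 / No. 10
Funding
China Postdoctoral Science Foundation; Fundamental Research Funds for the Central Universities; National Natural Science Foundation of China
Keywords
Cloud computing; CP-ABE; Direct user revocation; Time-based access control; White-box tracing
DOI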
10.11959/j.issn.1000-436x.2021206
Abstract
General ciphertext-policy attribute-based encryption (CP-ABE) provides fine-grained access control for data sharing in cloud computing, but its access policy is stored in plaintext form, which may leak private and sensitive data. Revoking a malicious user by accurately tracing the identity behind a leaked decryption key is also a major challenge. Moreover, most existing revocable schemes incur long user revocation lists and low efficiency. To solve these problems, a time-based, privacy-preserving, revocable and traceable data sharing scheme based on CP-ABE was proposed. It supports expressive, monotonic, partially hidden access policies and a large attribute universe by concealing the attribute values in the access policy. Time-limited data access control was achieved using hierarchical identity-based encryption to set a key validity period for users. With white-box tracing and a binary tree, efficient user tracing and direct revocation with a shorter revocation list were realized, together with high efficiency via online/offline and verifiable outsourced decryption techniques. Furthermore, the scheme was secure under the decisional q-BDHE assumption. Theoretical analysis and extensive experiments demonstrate its advantageous performance in computational and storage cost. © 2021, Editorial Board of Journal on Communications. All rights reserved.
Pages: 81-94
Number of pages: 13