Secure, efficient and revocable multi-authority access control system in cloud storage

Cited by: 91
Authors
Li, Qi [1]
Ma, Jianfeng [2]
Li, Rui [3, 4]
Liu, Ximeng [2]
Xiong, Jinbo [5]
Chen, Danwei [1]
Affiliations
[1] Nanjing Univ Posts & Telecommun, Sch Comp Sci & Technol, Nanjing 210023, Jiangsu, Peoples R China
[2] Xidian Univ, Sch Comp Sci & Technol, Xian 710071, Peoples R China
[3] Xidian Univ, Sch Software, Xian 710071, Peoples R China
[4] Xidian Univ, Inst Software Engn, Xian 710071, Peoples R China
[5] Fujian Normal Univ, Fac Software, Fuzhou 350108, Peoples R China
Funding
National Natural Science Foundation of China
Keywords
Cloud storage; Access control; Multi-authority; Decryption outsourcing; Adaptively secure; Attribute-level revocation; Attribute-based encryption
DOI
10.1016/j.cose.2016.02.002
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Multi-Authority Attribute-Based Encryption (MA-ABE) is an emerging cryptographic primitive for enforcing fine-grained attribute-based access control on the outsourced data in cloud storage. However, most of the previous multi-authority attribute-based systems are either proven to be secure in a weak model or lack efficiency in user revocation. In this paper, we propose MAACS (Multi-Authority Access Control System), a novel multi-authority attribute-based data access control system for cloud storage. We construct a new multi-authority ciphertext-policy ABE (MA-CP-ABE) scheme with decryption outsourcing. The decryption overhead for users is largely eliminated by outsourcing the undesirable bilinear pairing operations to the cloud servers. The proposed MA-CP-ABE scheme is proven adaptively secure in the standard model and supports any monotone access policy. We also design an efficient attribute-level user revocation approach with less computation cost. The security analysis, numerical comparisons and implementation results indicate that our MAACS is secure, efficient and scalable. (C) 2016 Elsevier Ltd. All rights reserved.
Pages: 45-59
Page count: 15