A Cloud-Based Access Control Scheme with User Revocation and Attribute Update

被引：26

作者：

Zhang, Peng ^{[1
]}

Chen, Zehong ^{[1
]}

Liang, Kaitai ^{[2
]}

Wang, Shulan ^{[1
]}

Wang, Ting ^{[1
,3
]}

机构：

[1] Shenzhen Univ, Coll Informat Engn, ATR Key Lab Natl Def Technol, Shenzhen, Peoples R China

[2] Aalto Univ, Dept Comp Sci, Espoo, Finland

[3] South China Univ Technol, Sch Comp Sci & Engn, Guangzhou, Guangdong, Peoples R China

来源：

INFORMATION SECURITY AND PRIVACY, PT I | 2016年 / 9722卷

关键词：

Cloud; Access control; Attribute-based encryption; User revocability; Attribute update; CIPHERTEXT DELEGATION; ENCRYPTION;

D O I：

10.1007/978-3-319-40253-6_32

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear DiffieHellman assumption.

引用

页码：525 / 540

页数：16

共 18 条

[1] Ciphertext-policy attribute-based encryption
Bethencourt, John
Sahai, Amit
Waters, Brent
[J]. 2007 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2007, : 321 - +
[2] Chase M, 2009, CCS'09: PROCEEDINGS OF THE 16TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P121
[3] Cheung L, 2007, CCS'07: PROCEEDINGS OF THE 14TH ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, P456
[4] Fan TR, 2013, INT J SECUR APPL, V7, P267
[5] Horváth M, 2015, LECT NOTES COMPUT SC, V8939, P566, DOI 10.1007/978-3-662-46078-8_47
[6] Improving Security and Efficiency in Attribute-Based Data Sharing
Hur, Junbeom
[J]. IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING, 2013, 25 (10) : 2271 - 2282
[7] Privacy-Preserving Ciphertext Multi-Sharing Control for Big Data Storage
Liang, Kaitai
Susilo, Willy
Liu, Joseph K.
[J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2015, 10 (08) : 1578 - 1589
[8] Searchable Attribute-Based Mechanism With Efficient Data Sharing for Secure Cloud Storage
Liang, Kaitai
Susilo, Willy
[J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2015, 10 (09) : 1981 - 1992
[9] Liang K, 2014, LECT NOTES COMPUT SC, V8712, P257, DOI 10.1007/978-3-319-11203-9_15
[10] Time-based proxy re-encryption scheme for secure data sharing in a cloud environment
Liu, Qin
Wang, Guojun
Wu, Jie
[J]. INFORMATION SCIENCES, 2014, 258 : 355 - 370

← 1 2 →