Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

doi:10.1016/S1005-8885(15)60637-9

中国邮电高校学报(英文) ›› 2015, Vol. 22 ›› Issue (2): 38-43.doi: 10.1016/S1005-8885(15)60637-9

• Artificial Intelligence • 上一篇下一篇

Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

宋玲娓

北京邮电大学信息安全中心

收稿日期:2014-05-21 修回日期:2014-09-30 出版日期:2015-04-30 发布日期:2015-04-22
通讯作者: 宋玲娓 E-mail:songlw@bupt.edu.cn
基金资助:
数字版权研发工程项目;北京高等学校青年英才计划项目;教育部科技发展中心网络时代的科技论文快速共享专项研究资助课题;中央高校基本科研业务费专项资金资助;国家科技支撑计划;国家863计划

Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

Ling-Wei SONG

Received:2014-05-21 Revised:2014-09-30 Online:2015-04-30 Published:2015-04-22
Contact: Ling-Wei SONG E-mail:songlw@bupt.edu.cn
Supported by:
Digital Right Management Technology Research and Development Project;Beijing Higher Education Young Elite Teacher Project;Specialized Research Fund for the Doctoral Program of Higher Education;National Key project of Scientific and Technical Supporting Programs of China;National 863 Program (2012AA012606)

摘要/Abstract

摘要：

Cloud computing is a developing computing paradigm in which resources of the computing infrastructure are provided as services over the network. Hopeful as it is, this paradigm also brings new challenges for data security and encryption storage when date owner stores sensitive data for sharing with untrusted cloud servers. When it comes to fine-grained data and scalable access control, a huge computation for key distribution and data management is required. In this article, we achieved this goal by exploiting and uniquely combining techniques of ciphertext-policy attribute-based encryption (CP-ABE), linear secret sharing schemes (LSSS), and counter (CTR) mode encryption. The proposed scheme is highly efficient by conducting the revocation on attribute level rather than on user level. The goals of data confidentiality and no collusion attack (even the cloud servers (CS) collude with users), as well as ones of fine-grainedness and scalability, are also achieved in our access structure.

关键词:

CP-ABE, revocation, fine-grained, counter mode encryption, cloud computing

Abstract:

Key words:

CP-ABE, revocation, fine-grained, counter mode encryption, cloud computing

Ling-Wei SONG Yu Fang Zhang Ru Niu Xinxin. Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud[J]. Acta Metallurgica Sinica(English letters), 2015, 22(2): 38-43.

参考文献

1. Harney H, Colgrove A, McDaniel P D. Principles of policy in secure groups. Proceedings of the 8th Annual Symposium on Network and Distributed System Security (NDSS’01), Feb 7-9, 2001, San Diego, CA, USA. New York, NY, USA: ACM, 2001: 66-74

2. Yu T, Winslett M. A unified scheme for resource protection in automated trust negotiation. Proceedings of the 2003 Symposium on Security and Privacy (S&P’03), May 11-14, 2003, Los Alamitos, CA, USA. Washington, DC, USA: IEEE Computer Society, 2003: 110-112

3. Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. Proceedings of the 2007 Symposium on Security and Privacy (S&P’07), May 20-23, 2007, Berkeley, CA, USA. Washington, DC, USA: IEEE Computer Society, 2007: 321-334

4. Waters B. Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography (PKC’11), May 6-9, 2011, Taormina, Italy. LNCS 6571. Berlin, Germany: Springer-Verlag, 2011: 53-70

5. Yang K, Jia X, Ren K. Attribute-based fine-grained access control with efficient revocation in cloud storage systems. Proceedings of the 8th ACM SIGSAC International Symposium on Information, Computer and Communications Security (ASIACCS’13), Mar 8-10, 2013, Hangzhou, China. New York, NY, USA: ACM, 2013: 523-528

6. Yang K, Jia X. Security for cloud storage systems. New York, NY, USA: Springer, 2014: 39-58

7. Attrapadung N, Imai H. Conjunctive broadcast and attribute-based encryption. Proceedings of the 3rd International Conference on Pairing-based Cryptography (Pairing’09), Aug 12-14, 2009, Palo Alto, CA, USA. LNCS 5671. Berlin, Germany: Springer-Verlag, 2009: 248-256

8. Attrapadung N, Imai H. Attribute-based encryption supporting direct/indirect revocation modes. Proceedings of the 12th IMA International Conference on Cryptography and Coding (IMACC’09), Dec 15-17, 2009, Cirencester, UK. LNCS 5921. Berlin,Germany: Springer-Verlag, 2009: 278-300

9. Hur J, Noh D K. Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(7): 1214-1221

10. Yu S, Wang C, Ren K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing. Proceedings of the 29th Annual Joint Conference of the IEEE Computer and Communications (INFOCOM’10), Mar 14-19, 2010, San Diego, CA, USA. Piscataway, NJ, USA: IEEE, 2010: 9p

11. Boneh D, Goh E J, Nissim K. Evaluating 2-DNF formulas on ciphertexts. Proceedings of the 2nd International Conference on Theory of Cryptography (TCC’05), Feb 10-12, 2005, Cambridge, MA, USA. LNCS 3378. Berlin, Germany: Springer-Verlag, 2005: 325-341

12. Beimel A. Secure schemes for secret sharing and key distribution. Ph. D. Thesis. Haifa, Israel: Israel Institute of Technology, 1996

Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价