Acta Metallurgica Sinica(English letters) ›› 2015, Vol. 22 ›› Issue (2): 38-43.doi: 10.1016/S1005-8885(15)60637-9

• Security • Previous Articles     Next Articles

Method of secure, scalable, and fine-grained data access control with efficient revocation in untrusted cloud

Ling-Wei SONG   

  • Received:2014-05-21 Revised:2014-09-30 Online:2015-04-30 Published:2015-04-22
  • Contact: Ling-Wei SONG
  • Supported by:

    Digital Right Management Technology Research and Development Project;Beijing Higher Education Young Elite Teacher Project;Specialized Research Fund for the Doctoral Program of Higher Education;National Key project of Scientific and Technical Supporting Programs of China;National 863 Program (2012AA012606)


Cloud computing is a developing computing paradigm in which resources of the computing infrastructure are provided as services over the network. Hopeful as it is, this paradigm also brings new challenges for data security and encryption storage when date owner stores sensitive data for sharing with untrusted cloud servers. When it comes to fine-grained data and scalable access control, a huge computation for key distribution and data management is required. In this article, we achieved this goal by exploiting and uniquely combining techniques of ciphertext-policy attribute-based encryption (CP-ABE), linear secret sharing schemes (LSSS), and counter (CTR) mode encryption. The proposed scheme is highly efficient by conducting the revocation on attribute level rather than on user level. The goals of data confidentiality and no collusion attack (even the cloud servers (CS) collude with users), as well as ones of fine-grainedness and scalability, are also achieved in our access structure.

Key words:

CP-ABE, revocation, fine-grained, counter mode encryption, cloud computing