scholarly journals Simplified ciphertext-policy attribute-based encryption scheme with attribute level collusion resistance for cloud storage

2021 ◽  
Vol 2089 (1) ◽  
pp. 012010
Author(s):  
Naresh Vurukonda ◽  
Venkateshwarlu Velde ◽  
M. TrinathBasu ◽  
P. Tejasri
Keyword(s):  
Service Providers ◽  
Sensitive Information ◽  
Privacy Policy ◽  
Collusion Resistance ◽  
Cloud Data ◽  
Attribute Based Encryption ◽  
Cloud Server ◽  
Ciphertext Policy ◽  
And Control ◽  
Cloud Applications

Abstract The core objective of our paper is that to overcome the challenges of secure data sharing problem in cloud where users can access data if they acquire a certain set of attributes or credentials. At present, there is only one way for implementing such procedures is by employing a reliable server to mediate access control, store the data. The service providers have whole control over cloud applications, client’s data and hardware. However, if the data stored in the cloud server is conceded, then the data confidentiality will be compromised. With simplified CP-ABE data is confidential even though storage server is un trusted. Hence privacy of cloud data is enhanced by proposing a methodology that uses a privacy policy, encrypts the data based upon various group of attributes related to the user. The decryption of the data can be done only when his/her attributes match with the privacy policy. Simplified CP-ABE makes it easier to secure, broadcast and control the access of sensitive information, specifically across the cloud’s server and decrease collision resistance.

scholarly journals Outsourced ciphertext-policy attribute-based encryption with partial policy hidden

2020 ◽  
Vol 16 (5) ◽  
pp. 155014772092636
Author(s):  
Jinxia Yu ◽  
Guanghui He ◽  
Xixi Yan ◽  
Yongli Tang ◽  
Rongxia Qin
Keyword(s):  
Bilinear Pairing ◽  
Sensitive Information ◽  
Privacy Concerns ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Cloud Server ◽  
And Performance ◽  
Ciphertext Policy ◽  
Access Policies

Attribute-based encryption is an efficient and flexible fine-grained access control scheme. However, how to realize the attribute privacy concerns in the access policy and optimize the heavy computing overhead have been not adequately addressed. First, in view of the open-access policies formulated by data owners in the cloud environment and the linear growth of bilinear pairing operations with the number of attributes in the decryption process, a verifiable outsourced attribute-based encryption with partial policy hidden scheme is proposed, in which the attribute name of access policy can be sent while attribute value involving sensitive information can be hidden, so nobody can infer information from the access policy. Second, the bilinear pairing operation and modular power operation are outsourced to the cloud server, then users only need to perform constant exponential operation to decrypt. In addition, the proposed scheme is based on the composite order bilinear group and satisfies full secure under the standard model. Finally, compared with other schemes in term of function and performance, it shows that this scheme is more efficient and suitable for resource-constrained mobile devices in outsourcing environment.

scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals RSA-CP-IDABE: A Secure Framework for Multi-User and Multi-Owner Cloud Environment

Information ◽  
2020 ◽  
Vol 11 (8) ◽  
pp. 382
Author(s):  
Sonali Chandel ◽  
Geng Yang ◽  
Sumit Chakravarty
Keyword(s):  
Low Cost ◽  
Cloud Environment ◽  
Cloud Data ◽  
The Public ◽  
Security Issues ◽  
Attribute Based Encryption ◽  
Man In The Middle ◽  
Secret Keys ◽  
Encryption Decryption ◽  
Ciphertext Policy

Cloud has become one of the most widely used technologies to store data due to its availability, flexibility, and low cost. At the same time, the security, integrity, and privacy of data that needs to be stored on the cloud is the primary threat for cloud deployment. However, the increase in cloud utilization often results in the creation of a multi-user cloud environment, which requires its owners to manage and monitor the data more effectively. The security of information faces an additional threat, which is related to the increasing number of users and owners who deal with the data stored on the cloud. Many researchers have developed several frameworks and algorithms to address the security issues of the cloud environment. In the present work, a novel algorithm is proposed with the integration of Ciphertext Policy-Identity Attribute-based Encryption (CP-IDABE) and the Rivest–Shamir–Adelman (RSA) algorithm for securing the cloud. Both the owners and users are provided with the public and distinct secret keys that are generated by the Automated Certificate Authority (ACA). The attribute policy differentiates between the user and owner for accessing the cloud data. The proposed RSA-CP-IDABE algorithm also prevents the Man in the Middle (MITM) attack effectively. The performance of the proposed algorithm is evaluated for its time used for encryption, decryption, and execution for varying sizes of data. The obtained results are compared with the existing framework to show its effectiveness. The proposed algorithm can be enhanced with the revocation of privileges in the future.

scholarly journals BCAS: A blockchain-based ciphertext-policy attribute-based encryption scheme for cloud data security sharing

2021 ◽  
Vol 17 (3) ◽  
pp. 155014772199961
Author(s):  
Yuting Zuo ◽  
Zhaozhe Kang ◽  
Jian Xu ◽  
Zhide Chen
Keyword(s):  
Data Privacy ◽  
Discrete Logarithm ◽  
Third Parties ◽  
Third Party ◽  
Encryption Scheme ◽  
Cloud Data ◽  
Attribute Based Encryption ◽  
Encryption Schemes ◽  
Trusted Third Parties ◽  
Ciphertext Policy

It is the most important and challenging problem to share the data safely in cloud computing. Some so-called trusted third parties may also infringe users’ data privacy. It is an urgent problem for data owners to share data safely with the designated users rather than the third party or other users. Traditional encryption schemes utilize different keys to produce multiple encrypted copies of the same data for users. It is no longer applicable for cloud data sharing security. Attribute-based encryption can solve above problems, but it needs to rely on trusted third parties to protect the users’ privacy. In this article, in order to address the above problems, we propose a blockchain-based ciphertext-policy attribute-based encryption scheme for cloud data secure sharing without relying on any trusted third parties. Blockchain-based ciphertext-policy attribute-based encryption scheme can protect the rights and security of data owner. Compared with existing cloud security schemes, the proposed scheme has more advantages in terms of the six aspects: (1) data owners have the authority to decide who can decrypt the data; (2) the operations of users are retained permanently, and all records are tamper-proof; (3) our proposed scheme has the characteristic of “one-to-many” encryption, and data is encrypted only once; (4) our scheme does not rely on any trusted third party; (5) in terms of the discrete logarithm problem and decisional q parallel-bilinear Diffie–Hellman exponent problem, we prove that our proposed scheme is secure; and (6) experiment shows that our proposed scheme is more efficient than the comparative scheme.

scholarly journals Private Model Compression via Knowledge Distillation

2019 ◽  
Vol 33 ◽  
pp. 1190-1197 ◽  
Author(s):  
Ji Wang ◽  
Weidong Bao ◽  
Lichao Sun ◽  
Xiaomin Zhu ◽  
Bokai Cao ◽  
...  
Keyword(s):  
Mobile Devices ◽  
Differential Privacy ◽  
Service Providers ◽  
Sample Selection ◽  
Sensitive Information ◽  
Model Compression ◽  
Complex Models ◽  
Speed Up ◽  
Knowledge Distillation ◽  
And Control

The soaring demand for intelligent mobile applications calls for deploying powerful deep neural networks (DNNs) on mobile devices. However, the outstanding performance of DNNs notoriously relies on increasingly complex models, which in turn is associated with an increase in computational expense far surpassing mobile devices’ capacity. What is worse, app service providers need to collect and utilize a large volume of users’ data, which contain sensitive information, to build the sophisticated DNN models. Directly deploying these models on public mobile devices presents prohibitive privacy risk. To benefit from the on-device deep learning without the capacity and privacy concerns, we design a private model compression framework RONA. Following the knowledge distillation paradigm, we jointly use hint learning, distillation learning, and self learning to train a compact and fast neural network. The knowledge distilled from the cumbersome model is adaptively bounded and carefully perturbed to enforce differential privacy. We further propose an elegant query sample selection method to reduce the number of queries and control the privacy loss. A series of empirical evaluations as well as the implementation on an Android mobile device show that RONA can not only compress cumbersome models efficiently but also provide a strong privacy guarantee. For example, on SVHN, when a meaningful (9.83,10−6)-differential privacy is guaranteed, the compact model trained by RONA can obtain 20× compression ratio and 19× speed-up with merely 0.97% accuracy loss.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy from Keyword Search Techniques in Smarty City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company’s future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy from keyword search (KS) techniques in smart city. Specifically, we introduce a new security model chosen sensitive policy security : two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user’s attributes satisfy the public policy, it’s possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme exploits KS techniques to achieve more expressive and efficient, while the access policy of their schemes only work on the “AND-gate” structure or their ciphertext size or decryption time maybe super-polynomial. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud.Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Securing E-health Data using Ciphertext-Policy Attribute-Based Encryption with Dynamic User Revocation

2019 ◽  
Vol 8 (3) ◽  
pp. 7244-7250
Keyword(s):  
Access Control ◽  
Service Providers ◽  
Health Data ◽  
Security And Privacy ◽  
Unique Identifier ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
User Revocation ◽  
Role Based ◽  
Ciphertext Policy

E-health systems hold a massive amount of medical data that is stored and shared across healthcare service providers to deliver health facilities. However, security and privacy worries increase when sharing this data over distributed settings. As a result, Cryptography techniques have been considered to secure e-health data from unauthorized access. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) is commonly utilized in such a setting, which provides role-based and fine-grained access control over encrypted data. The CP-ABE suffers from the problem of user revocation where the entire policy must be changed even when only one user is revoked or removed from the policy. In this paper, we proposed a CP-ABE based access control model to support user revocation efficiently. Specifically, the proposed model associates a unique identifier to each user. This identifier is added to the policy attributes and removed dynamically when the user is added/revoked. A tree structure (PolicyPathTree) is designed specifically for our model. It can facilitate fast access to policy's attributes during the verification process; The model is analyzed using Information Theory Tools. Results show that our model outperforms other notable work in terms of computational overheads.,

scholarly journals Towards Virtuous Cloud Data Storage Using Access Policy Hiding in Ciphertext Policy Attribute-Based Encryption

2021 ◽  
Vol 13 (11) ◽  
pp. 279
Author(s):  
Siti Dhalila Mohd Satar ◽  
Masnida Hussin ◽  
Zurina Mohd Hanapi ◽  
Mohamad Afendee Mohamed
Keyword(s):  
Data Storage ◽  
Cloud Storage ◽  
Security Analysis ◽  
Data Access ◽  
Logical Connective ◽  
Encrypted Data ◽  
Cloud Data ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Managing and controlling access to the tremendous data in Cloud storage is very challenging. Due to various entities engaged in the Cloud environment, there is a high possibility of data tampering. Cloud encryption is being employed to control data access while securing Cloud data. The encrypted data are sent to Cloud storage with an access policy defined by the data owner. Only authorized users can decrypt the encrypted data. However, the access policy of the encrypted data is in readable form, which results in privacy leakage. To address this issue, we proposed a reinforcement hiding in access policy over Cloud storage by enhancing the Ciphertext Policy Attribute-based Encryption (CP-ABE) algorithm. Besides the encryption process, the reinforced CP-ABE used logical connective operations to hide the attribute value of data in the access policy. These attributes were converted into scrambled data along with a ciphertext form that provides a better unreadability feature. It means that a two-level concealed tactic is employed to secure data from any unauthorized access during a data transaction. Experimental results revealed that our reinforced CP-ABE had a low computational overhead and consumed low storage costs. Furthermore, a case study on security analysis shows that our approach is secure against a passive attack such as traffic analysis.

Sign in / Sign up

Export Citation Format

Share Document