A Novel Access Control Security Model Based on Ciphertext Policy Attribute-Based Encryption for Smart Homes

2020 ◽  
Author(s):  
Hmdah Alsolami ◽  
Omaimah Bamasag ◽  
Asia Aljahdali
Keyword(s):  
Access Control ◽  
Smart Homes ◽  
Security Model ◽  
Model Based ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

Efficient Attribute-Based Data Sharing Scheme with Hidden Access Structures

2019 ◽  
Vol 62 (12) ◽  
pp. 1748-1760 ◽  
Author(s):  
Yang Chen ◽  
Wenmin Li ◽  
Fei Gao ◽  
Wei Yin ◽  
Kaitai Liang ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Inner Product ◽  
Access Structure ◽  
Online Data ◽  
Fine Grained ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
And Performance ◽  
Ciphertext Policy

AbstractOnline data sharing has become a research hotspot while cloud computing is getting more and more popular. As a promising encryption technique to guarantee the security shared data and to realize flexible fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has drawn wide attentions. However, there is a drawback preventing CP-ABE from being applied to cloud applications. In CP-ABE, the access structure is included in the ciphertext, and it may disclose user’s privacy. In this paper, we find a more efficient method to connect ABE with inner product encryption and adopt several techniques to ensure the expressiveness of access structure, the efficiency and security of our scheme. We are the first to present a secure, efficient fine-grained access control scheme with hidden access structure, the access structure can be expressed as AND-gates on multi-valued attributes with wildcard. We conceal the entire attribute instead of only its values in the access structure. Besides, our scheme has obvious advantages in efficiency compared with related schemes. Our scheme can make data sharing secure and efficient, which can be verified from the analysis of security and performance.

An Attribute-Based Searchable Encryption Scheme for Non-Monotonic Access Structure

2020 ◽  
pp. 263-283 ◽  
Author(s):  
Mamta ­ ◽  
Brij B. Gupta
Keyword(s):  
Access Control ◽  
Searchable Encryption ◽  
Access Structure ◽  
Encryption Scheme ◽  
Security Model ◽  
Secret Key ◽  
Fine Grained ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Encryption Schemes

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.

Research on Access Control Based on CP-ABE Algorithm and Cloud Computing

2014 ◽  
Vol 513-517 ◽  
pp. 2273-2276
Author(s):  
Shao Min Zhang ◽  
Jun Ran ◽  
Bao Yi Wang
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Control Policy ◽  
Massive Data ◽  
Access Control Policy ◽  
Fine Grained ◽  
Network Bandwidth ◽  
Private Key ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Ciphertext-Policy Attribute-based encryption (CP-ABE) mechanism is an extension of attribute-based encryption which associates the ciphertext and user's private key with the attribute by taking the attribute as a public key. It makes the representation of the access control policy more flexible, thus greatly reduces the network bandwidth and processing overhead of sending node brought by fine-grained access control of data sharing. According to the principle of CP-ABE encryption mechanism for this mechanism, an improved cloud computing-based encryption algorithm was proposed in this paper to overcome the deficiencies of permission changing process under the massive data. Experimental results show that compared with traditional methods, the new mechanism significantly reduces time-consuming.

Sign in / Sign up

Export Citation Format

Share Document