scholarly journals Fine-Grained Access Control for Cloud Data Sharing by Secure and Efficient Attribute-Revocable Ciphertext-Policy Attribute-Based Encryption

2016 ◽  
Vol 10 (10) ◽  
pp. 303-320
Author(s):  
Nyamsuren Vaanchig ◽  
Wei Chen ◽  
Zhiguang Qin
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Cloud Data ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Efficient Attribute-Based Data Sharing Scheme with Hidden Access Structures

2019 ◽  
Vol 62 (12) ◽  
pp. 1748-1760 ◽  
Author(s):  
Yang Chen ◽  
Wenmin Li ◽  
Fei Gao ◽  
Wei Yin ◽  
Kaitai Liang ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Inner Product ◽  
Access Structure ◽  
Online Data ◽  
Fine Grained ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
And Performance ◽  
Ciphertext Policy

AbstractOnline data sharing has become a research hotspot while cloud computing is getting more and more popular. As a promising encryption technique to guarantee the security shared data and to realize flexible fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has drawn wide attentions. However, there is a drawback preventing CP-ABE from being applied to cloud applications. In CP-ABE, the access structure is included in the ciphertext, and it may disclose user’s privacy. In this paper, we find a more efficient method to connect ABE with inner product encryption and adopt several techniques to ensure the expressiveness of access structure, the efficiency and security of our scheme. We are the first to present a secure, efficient fine-grained access control scheme with hidden access structure, the access structure can be expressed as AND-gates on multi-valued attributes with wildcard. We conceal the entire attribute instead of only its values in the access structure. Besides, our scheme has obvious advantages in efficiency compared with related schemes. Our scheme can make data sharing secure and efficient, which can be verified from the analysis of security and performance.

Data Security for Cloud Datasets With Bloom Filters on Ciphertext Policy Attribute Based Encryption

2021 ◽  
pp. 1431-1447
Author(s):  
G. Sravan Kumar ◽  
A. Sri Krishna
Keyword(s):  
Access Control ◽  
Data Security ◽  
Bloom Filters ◽  
Communication Overhead ◽  
Cloud Data ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Cloud Data Storage ◽  
Ciphertext Policy

Cloud data storage environments allow the data providers to store and share large amounts of datasets generated from various resources. However, outsourcing private data to a cloud server is insecure without an efficient access control strategy. Thus, it is important to protect the data and privacy of user with a fine-grained access control policy. In this article, a Bloom Filter-based Ciphertext-Policy Attribute-Based Encryption (BF-CP-ABE) technique is presented to provide data security to cloud datasets with a Linear Secret Sharing Structure (LSSS) access policy. This fine-grained access control scheme hides the whole attribute set in the ciphertext, whereas in previous CP-ABE methods, the attributes are partially hidden in the ciphertext which in turn leaks private information about the user. Since the attribute set of the BF-CP-ABE technique is hidden, bloom filters are used to identify the authorized users during data decryption. The BF-CP-ABE technique is designed to be selective secure under an Indistinguishable-Chosen Plaintext attack and the simulation results show that the communication overhead is significantly reduced with the adopted LSSS access policy.

Research on Access Control Based on CP-ABE Algorithm and Cloud Computing

2014 ◽  
Vol 513-517 ◽  
pp. 2273-2276
Author(s):  
Shao Min Zhang ◽  
Jun Ran ◽  
Bao Yi Wang
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Control Policy ◽  
Massive Data ◽  
Access Control Policy ◽  
Fine Grained ◽  
Network Bandwidth ◽  
Private Key ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Ciphertext-Policy Attribute-based encryption (CP-ABE) mechanism is an extension of attribute-based encryption which associates the ciphertext and user's private key with the attribute by taking the attribute as a public key. It makes the representation of the access control policy more flexible, thus greatly reduces the network bandwidth and processing overhead of sending node brought by fine-grained access control of data sharing. According to the principle of CP-ABE encryption mechanism for this mechanism, an improved cloud computing-based encryption algorithm was proposed in this paper to overcome the deficiencies of permission changing process under the massive data. Experimental results show that compared with traditional methods, the new mechanism significantly reduces time-consuming.

Data Security for Cloud Datasets With Bloom Filters on Ciphertext Policy Attribute Based Encryption

2019 ◽  
Vol 13 (4) ◽  
pp. 12-27
Author(s):  
G. Sravan Kumar ◽  
A. Sri Krishna
Keyword(s):  
Access Control ◽  
Data Storage ◽  
Private Information ◽  
Data Security ◽  
Bloom Filters ◽  
Communication Overhead ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Cloud data storage environments allow the data providers to store and share large amounts of datasets generated from various resources. However, outsourcing private data to a cloud server is insecure without an efficient access control strategy. Thus, it is important to protect the data and privacy of user with a fine-grained access control policy. In this article, a Bloom Filter-based Ciphertext-Policy Attribute-Based Encryption (BF-CP-ABE) technique is presented to provide data security to cloud datasets with a Linear Secret Sharing Structure (LSSS) access policy. This fine-grained access control scheme hides the whole attribute set in the ciphertext, whereas in previous CP-ABE methods, the attributes are partially hidden in the ciphertext which in turn leaks private information about the user. Since the attribute set of the BF-CP-ABE technique is hidden, bloom filters are used to identify the authorized users during data decryption. The BF-CP-ABE technique is designed to be selective secure under an Indistinguishable-Chosen Plaintext attack and the simulation results show that the communication overhead is significantly reduced with the adopted LSSS access policy.

scholarly journals An Efficient ECC-Based CP-ABE Scheme for Power IoT

Processes ◽  
2021 ◽  
Vol 9 (7) ◽  
pp. 1176
Author(s):  
Rui Cheng ◽  
Kehe Wu ◽  
Yuling Su ◽  
Wei Li ◽  
Wenchao Cui ◽  
...  
Keyword(s):  
Access Control ◽  
Elliptic Curve Cryptography ◽  
Energy Production ◽  
Control Function ◽  
Rapid Development ◽  
Bilinear Pairing ◽  
Security And Privacy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

The rapid development of the power Internet of Things (IoT) has greatly enhanced the level of security, quality and efficiency in energy production, energy consumption, and related fields. However, it also puts forward higher requirements for the security and privacy of data. Ciphertext-policy attribute-based encryption (CP-ABE) is considered a suitable method to solve this issue and can implement fine-grained access control. However, its internal bilinear pairing operation is too expensive, which is not suitable for power IoT with limited computing resources. Hence, in this paper, a novel CP-ABE scheme based on elliptic curve cryptography (ECC) is proposed, which replaces the bilinear pairing operation with simple scalar multiplication and outsources most of the decryption work to edge devices. In addition, time and location attributes are combined in the proposed scheme, allowing the data users to access only within the range of time and locations set by the data owners to achieve a more fine-grained access control function. Simultaneously, the scheme uses multiple authorities to manage attributes, thereby solving the performance bottleneck of having a single authority. A performance analysis demonstrates that the proposed scheme is effective and suitable for power IoT.

scholarly journals Securing E-health Data using Ciphertext-Policy Attribute-Based Encryption with Dynamic User Revocation

2019 ◽  
Vol 8 (3) ◽  
pp. 7244-7250
Keyword(s):  
Access Control ◽  
Service Providers ◽  
Health Data ◽  
Security And Privacy ◽  
Unique Identifier ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
User Revocation ◽  
Role Based ◽  
Ciphertext Policy

E-health systems hold a massive amount of medical data that is stored and shared across healthcare service providers to deliver health facilities. However, security and privacy worries increase when sharing this data over distributed settings. As a result, Cryptography techniques have been considered to secure e-health data from unauthorized access. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) is commonly utilized in such a setting, which provides role-based and fine-grained access control over encrypted data. The CP-ABE suffers from the problem of user revocation where the entire policy must be changed even when only one user is revoked or removed from the policy. In this paper, we proposed a CP-ABE based access control model to support user revocation efficiently. Specifically, the proposed model associates a unique identifier to each user. This identifier is added to the policy attributes and removed dynamically when the user is added/revoked. A tree structure (PolicyPathTree) is designed specifically for our model. It can facilitate fast access to policy's attributes during the verification process; The model is analyzed using Information Theory Tools. Results show that our model outperforms other notable work in terms of computational overheads.,

Sign in / Sign up

Export Citation Format

Share Document