scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy from Keyword Search Techniques in Smarty City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company’s future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy from keyword search (KS) techniques in smart city. Specifically, we introduce a new security model chosen sensitive policy security : two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user’s attributes satisfy the public policy, it’s possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme exploits KS techniques to achieve more expressive and efficient, while the access policy of their schemes only work on the “AND-gate” structure or their ciphertext size or decryption time maybe super-polynomial. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud.Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

2021 ◽  
Vol 2021 (1) ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
Keyword Search ◽  
Sensitive Information ◽  
Security Model ◽  
Computational Overhead ◽  
Diffie Hellman ◽  
Attribute Based Encryption ◽  
Iot Devices ◽  
Ciphertext Policy ◽  
Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Outsourced ciphertext-policy attribute-based encryption with partial policy hidden

2020 ◽  
Vol 16 (5) ◽  
pp. 155014772092636
Author(s):  
Jinxia Yu ◽  
Guanghui He ◽  
Xixi Yan ◽  
Yongli Tang ◽  
Rongxia Qin
Keyword(s):  
Bilinear Pairing ◽  
Sensitive Information ◽  
Privacy Concerns ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Cloud Server ◽  
And Performance ◽  
Ciphertext Policy ◽  
Access Policies

Attribute-based encryption is an efficient and flexible fine-grained access control scheme. However, how to realize the attribute privacy concerns in the access policy and optimize the heavy computing overhead have been not adequately addressed. First, in view of the open-access policies formulated by data owners in the cloud environment and the linear growth of bilinear pairing operations with the number of attributes in the decryption process, a verifiable outsourced attribute-based encryption with partial policy hidden scheme is proposed, in which the attribute name of access policy can be sent while attribute value involving sensitive information can be hidden, so nobody can infer information from the access policy. Second, the bilinear pairing operation and modular power operation are outsourced to the cloud server, then users only need to perform constant exponential operation to decrypt. In addition, the proposed scheme is based on the composite order bilinear group and satisfies full secure under the standard model. Finally, compared with other schemes in term of function and performance, it shows that this scheme is more efficient and suitable for resource-constrained mobile devices in outsourcing environment.

Fine-Grained Access Control with Efficient Revocation in Cloud Storage

2014 ◽  
Vol 571-572 ◽  
pp. 79-89
Author(s):  
Ting Zhong ◽  
You Peng Sun ◽  
Qiao Liu
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Storage System ◽  
Fine Grained ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Encrypt Data ◽  
User Revocation ◽  
Ciphertext Policy ◽  
Access Policies

In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.

scholarly journals Unified Ciphertext-Policy Weighted Attribute-Based Encryption for Sharing Data in Cloud Computing

2018 ◽  
Vol 8 (12) ◽  
pp. 2519
Author(s):  
Wei Li ◽  
Wei Ni ◽  
Dongxi Liu ◽  
Ren Liu ◽  
Shoushan Luo
Keyword(s):  
Cloud Computing ◽  
Mutual Information ◽  
Data Sharing ◽  
Rapid Development ◽  
Sharing Scheme ◽  
Attribute Based Encryption ◽  
Share Data ◽  
Efficient Data ◽  
Ciphertext Policy ◽  
Access Policies

With the rapid development of cloud computing, it is playing an increasingly important role in data sharing. Meanwhile, attribute-based encryption (ABE) has been an effective way to share data securely in cloud computing. In real circumstances, there is often a mutual access sub-policy in different providers’ access policies, and the significance of each attribute is usual diverse. In this paper, a secure and efficient data-sharing scheme in cloud computing, which is called unified ciphertext-policy weighted attribute-based encryption (UCP-WABE), is proposed. The weighted attribute authority assigns weights to attributes depending on their importance. The mutual information extractor extracts the mutual access sub-policy and generates the mutual information. Thus, UCP-WABE lowers the total encryption time cost of multiple providers. We prove that UCP-WABE is selectively secure on the basis of the security of ciphertext-policy weighted attribute-based encryption (CP-WABE). Additionally, the results of the implementation shows that UCP-WABE is efficient in terms of time.

scholarly journals Ciphertext-Policy Attribute-Based Encryption for Cloud Storage: Toward Data Privacy and Authentication in AI-Enabled IoT System

Mathematics ◽  
2021 ◽  
Vol 10 (1) ◽  
pp. 68
Author(s):  
P. Chinnasamy ◽  
P. Deepalakshmi ◽  
Ashit Kumar Dutta ◽  
Jinsang You ◽  
Gyanendra Prasad Joshi
Keyword(s):  
Data Privacy ◽  
Partial Information ◽  
User Privacy ◽  
Access Policy ◽  
Insider Attack ◽  
Attribute Based Encryption ◽  
Encryption Schemes ◽  
A New Technique ◽  
Ciphertext Policy ◽  
Cloud Servers

People can store their data on servers in cloud computing and allow public users to access data via data centers. One of the most difficult tasks is to provide security for the access policy of data, which is also needed to be stored at cloud servers. The access structure (policy) itself may reveal partial information about what the ciphertext contains. To provide security for the access policy of data, a number of encryption schemes are available. Among these, CP-ABE (Ciphertext-Policy Attribute-Based Encryption) scheme is very significant because it helps to protect, broadcast, and control the access of information. The access policy that is sent as plaintext in the existing CP-ABE scheme along with a ciphertext may leak user privacy and data privacy. To resolve this problem, we hereby introduce a new technique, which hides the access policy using a hashing algorithm and provides security against insider attack using a signature verification scheme. The proposed system is compared with existing CP-ABE schemes in terms of computation and expressive policies. In addition, we can test the functioning of any access control that could be implemented in the Internet of Things (IoT). Additionally, security against indistinguishable adaptive chosen ciphertext attacks is also analyzed for the proposed work.

Data Security for Cloud Datasets With Bloom Filters on Ciphertext Policy Attribute Based Encryption

2019 ◽  
Vol 13 (4) ◽  
pp. 12-27
Author(s):  
G. Sravan Kumar ◽  
A. Sri Krishna
Keyword(s):  
Access Control ◽  
Data Storage ◽  
Private Information ◽  
Data Security ◽  
Bloom Filters ◽  
Communication Overhead ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Cloud data storage environments allow the data providers to store and share large amounts of datasets generated from various resources. However, outsourcing private data to a cloud server is insecure without an efficient access control strategy. Thus, it is important to protect the data and privacy of user with a fine-grained access control policy. In this article, a Bloom Filter-based Ciphertext-Policy Attribute-Based Encryption (BF-CP-ABE) technique is presented to provide data security to cloud datasets with a Linear Secret Sharing Structure (LSSS) access policy. This fine-grained access control scheme hides the whole attribute set in the ciphertext, whereas in previous CP-ABE methods, the attributes are partially hidden in the ciphertext which in turn leaks private information about the user. Since the attribute set of the BF-CP-ABE technique is hidden, bloom filters are used to identify the authorized users during data decryption. The BF-CP-ABE technique is designed to be selective secure under an Indistinguishable-Chosen Plaintext attack and the simulation results show that the communication overhead is significantly reduced with the adopted LSSS access policy.

Sign in / Sign up

Export Citation Format

Share Document