scholarly journals Accounting and Privacy Preserving of Data Owner in Cloud Storage

2021 ◽  
Vol 10 (6) ◽  
pp. 14-17
Author(s):  
Mohan A. ◽  
vamshikrishna P.
Keyword(s):  
Distributed Computing ◽  
Cloud Storage ◽  
Cloud Provider ◽  
Confidential Information ◽  
Encrypted Data ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Data Owner ◽  
Edos Attacks ◽  
Ciphertext Policy

People use the support of distributed computing however can't completely believe the cloud suppliers to have protection and confidential information. To guarantee secrecy, data owners relocate encoded information rather than plain texts. To divide the encoded documents with different clients, Ciphertext-Policy Attribute-based Encryption (CP-ABE) can be utilized. But this cannot become secure against some other assaults. Many other schemes did not gave guarantee that the cloud provider has the power to check whether a downloader can unscramble or not. Consequently, these files are accessible to everybody who is approachable to the cloud storage. An intentionally harmful assailant can download a great many records to start Economic Denial of Sustainability (EDoS) attacks, it will to a great extent expend the cloud asset. The owner will bear all the expenses for the cloud storage but the cloud provider doesn’t provide the whole information about the access or usage. There is no transparency for the owner. We have to solve these concerns. In order to this we are going to propose a solution for securing the encrypted data from EDoS attacks and providing the owner whole usage information about the cloud storage. We are implementing by using the arbitrary access policy of CP-ABE.

scholarly journals Towards Virtuous Cloud Data Storage Using Access Policy Hiding in Ciphertext Policy Attribute-Based Encryption

2021 ◽  
Vol 13 (11) ◽  
pp. 279
Author(s):  
Siti Dhalila Mohd Satar ◽  
Masnida Hussin ◽  
Zurina Mohd Hanapi ◽  
Mohamad Afendee Mohamed
Keyword(s):  
Data Storage ◽  
Cloud Storage ◽  
Security Analysis ◽  
Data Access ◽  
Logical Connective ◽  
Encrypted Data ◽  
Cloud Data ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

Managing and controlling access to the tremendous data in Cloud storage is very challenging. Due to various entities engaged in the Cloud environment, there is a high possibility of data tampering. Cloud encryption is being employed to control data access while securing Cloud data. The encrypted data are sent to Cloud storage with an access policy defined by the data owner. Only authorized users can decrypt the encrypted data. However, the access policy of the encrypted data is in readable form, which results in privacy leakage. To address this issue, we proposed a reinforcement hiding in access policy over Cloud storage by enhancing the Ciphertext Policy Attribute-based Encryption (CP-ABE) algorithm. Besides the encryption process, the reinforced CP-ABE used logical connective operations to hide the attribute value of data in the access policy. These attributes were converted into scrambled data along with a ciphertext form that provides a better unreadability feature. It means that a two-level concealed tactic is employed to secure data from any unauthorized access during a data transaction. Experimental results revealed that our reinforced CP-ABE had a low computational overhead and consumed low storage costs. Furthermore, a case study on security analysis shows that our approach is secure against a passive attack such as traffic analysis.

scholarly journals Revocable attribute-based proxy re-encryption

2021 ◽  
Vol 15 (1) ◽  
pp. 465-482
Author(s):  
Fucai Luo ◽  
Saif Al-Kuwari
Keyword(s):  
Cloud Storage ◽  
Security Model ◽  
Encrypted Data ◽  
Practical Applications ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
The Standard Model ◽  
Identity Based ◽  
Learning With Errors ◽  
Predicate Encryption

Abstract Attribute-based proxy re-encryption (ABPRE), which combines the notions of proxy re-encryption (PRE) and attribute-based encryption (ABE), allows a semi-trusted proxy with re-encryption key to transform a ciphertext under a particular access policy into a ciphertext under another access policy, without revealing any information about the underlying plaintext. This primitive is very useful in applications where encrypted data need to be stored in untrusted environments, such as cloud storage. In many practical applications, and in order to address scenarios where users misbehave or the re-encryption keys are compromised, an efficient revocation mechanism is necessary for ABPRE. Previously, revocation mechanism was considered in the settings of identity-based encryption (IBE), ABE, predicate encryption (PE), and broadcast PRE, but not ABPRE, which is what we set to do in this paper. We first formalize the concept of revocable ABPRE and its security model. Then, we propose a lattice-based instantiation of revocable ABPRE. Our scheme not only supports an efficient revocation mechanism but also supports polynomial-depth policy circuits and has short private keys, where the size of the keys is dependent only on the depth of the supported policy circuits. In addition, we prove that our scheme is selectively chosen-plaintext attack (CPA) secure in the standard model, based on the learning with errors assumption.

scholarly journals Modified Ciphertext-Policy Attribute-Based Encryption Scheme with Efficient Revocation for PHR System

2017 ◽  
Vol 2017 ◽  
pp. 1-10 ◽  
Author(s):  
Hongying Zheng ◽  
Jieming Wu ◽  
Bo Wang ◽  
Jianyong Chen
Keyword(s):  
Cloud Storage ◽  
Personal Health Record ◽  
Storage System ◽  
Personal Health ◽  
Encryption Scheme ◽  
Promising Technique ◽  
Access Policy ◽  
Attribute Based Encryption ◽  
Role Based ◽  
Ciphertext Policy

Attribute-based encryption (ABE) is considered a promising technique for cloud storage where multiple accessors may read the same file. For storage system with specific personal health record (PHR), we propose a modified ciphertext-policy attribute-based encryption scheme with expressive and flexible access policy for public domains. Our scheme supports multiauthority scenario, in which the authorities work independently without an authentication center. For attribute revocation, it can generate different update parameters for different accessors to effectively resist both accessor collusion and authority collusion. Moreover, a blacklist mechanism is designed to resist role-based collusion. Simulations show that the proposed scheme can achieve better performance with less storage occupation, computation assumption, and revocation cost compared with other schemes.

scholarly journals Large Universe Ciphertext-Policy Attribute-Based Encryption with Attribute Level User Revocation in Cloud Storage

2019 ◽  
Vol 17 (1) ◽  
pp. 107-117 ◽  
Author(s):  
Huijie Lian ◽  
Qingxian Wang ◽  
Guangbo Wang
Keyword(s):  
Cloud Storage ◽  
Attribute Level ◽  
Cloud Provider ◽  
Secret Key ◽  
Computational Load ◽  
Attribute Based Encryption ◽  
The Standard Model ◽  
Important Challenge ◽  
User Revocation ◽  
Ciphertext Policy

Ciphertext-Policy Attribute-Based Encryption (CP-ABE), especially large universe CP-ABE that is not bounded with the attribute set, is getting more and more extensive application in the cloud storage. However, there exists an important challenge in original large universe CP-ABE, namely dynamic user and attribute revocation. In this paper, we propose a large universe CP-ABE with efficient attribute level user revocation, namely the revocation to an attribute of some user cannot influence the common access of other legitimate attributes. To achieve the revocation, we divide the master key into two parts: delegation key and secret key, which are sent to the cloud provider and user separately. Note that, our scheme is proved selectively secure in the standard model under "q-type" assumption. Finally, the performance analysis and experimental verification have been carried out in this paper, and the experimental results show that, compared with the existing revocation schemes, although our scheme increases the computational load of storage Service Provider (CSP) in order to achieve the attribute revocation, it does not need the participation of Attribute Authority (AA), which reduces the computational load of AA. Moreover, the user does not need any additional parameters to achieve the attribute revocation except of the private key, thus saving the storage space greatly

scholarly journals Multiauthority Attribute-Based Encryption with Traceable and Dynamic Policy Updating

2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Jie Ling ◽  
Junwei Chen ◽  
Jiahui Chen ◽  
Wensheng Gan
Keyword(s):  
Cloud Storage ◽  
Storage Security ◽  
Access Policy ◽  
Fine Grained ◽  
Security Models ◽  
Attribute Based Encryption ◽  
Dynamic Policy ◽  
Ciphertext Policy ◽  
Experimental Comparisons ◽  
Better Than

Ciphertext policy attribute-based encryption (CP-ABE) is an encryption mechanism that can provide fine-grained access control and adequate cloud storage security for Internet of Things (IoTs). In this field, the original CP-ABE scheme usually has only a single trusted authority, which will become a bottleneck in IoTs. In addition, different users may illegally share their private keys to obtain improper benefits. Besides, the data owners also require the flexibility to change their access policy. In this paper, we construct a multiauthority CP-ABE scheme on prime order groups over a large attribute universe. Our scheme can support white-box traceability along with policy updates to solve the abovementioned three problems and, thus, can fix the potential requirements of IoTs. More precisely, the proposed scheme supports multiple authority, white box traceability, large attribute domains, access policy updates, and high expressiveness. We prove that our designed scheme is static secure and traceable secure based on the state-of-the-art security models. Moreover, by theoretical comparison, our scheme has better performance than other schemes. Finally, extensive experimental comparisons show that our proposed algorithm can be better than the baseline algorithms.

Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage

2013 ◽  
Vol 14 (2) ◽  
pp. 85-97 ◽  
Author(s):  
Yong Cheng ◽  
Zhi-ying Wang ◽  
Jun Ma ◽  
Jiang-jiang Wu ◽  
Song-zhu Mei ◽  
...  
Keyword(s):  
Cloud Storage ◽  
Attribute Based Encryption ◽  
Ciphertext Policy

scholarly journals Ciphertext-Policy Attribute-based Encryption with Hidden Sensitive Policy for Recruitment in Smart City

2020 ◽  
Author(s):  
Fei Meng ◽  
Leixiao Cheng ◽  
Mingqiang Wang
Keyword(s):  
Smart City ◽  
End Users ◽  
The Other ◽  
Sensitive Information ◽  
Security Model ◽  
Access Policy ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Ciphertext Policy ◽  
Access Policies

Abstract Smart city, as a promising technical tendency, greatly facilitates citizens and generates innumerable data, some of which is very private and sensitive. To protect data from unauthorized users, ciphertext-policy attribute-based encryption (CP-ABE) enables data owner to specify an access policy on encrypted data. However, There are two drawbacks in traditional CP-ABE schemes. On the one hand, the access policy is revealed in the ciphertext so that sensitive information contained in the policy is exposed to anyone who obtains the ciphertext. For example, both the plaintext and access policy of an encrypted recruitment may reveal the company's future development plan. On the other hand, the decryption time scales linearly with the complexity of the access, which makes it unsuitable for resource-limited end users. In this paper, we propose a CP-ABE scheme with hidden sensitive policy for recruitment in smart city. Specifically, we introduce a new security model chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and fully hidden, only if user's attributes satisfy the public policy, it's possible for him/her to learn about the hidden policy, otherwise he/she cannot get any information (attribute name and its values) of it. When the user satisfies both access policies, he/she can obtain and decrypt the ciphertext. Compared with other CP-ABE schemes, our scheme supports a more expressive access policy, since the access policy of their schemes only work on the ``AND-gate'' structure. In addition, intelligent devices spread all over the smart city, so partial computational overhead of encryption of our scheme can be outsourced to these devices as fog nodes, while most part overhead in the decryption process is outsourced to the cloud. Therefore, our scheme is more applicable to end users with resource-constrained mobile devices. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

scholarly journals Traceable Attribute-Based Secure Data Sharing with Hidden Policies in Mobile Health Networks

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Xueyan Liu ◽  
Yukun Luo ◽  
Xiaotao Yang
Keyword(s):  
Bilinear Pairing ◽  
Health Networks ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Data Owner ◽  
Data User ◽  
Efficient Scheme ◽  
And Performance ◽  
The One

The growing need to store, share, and manage medical and health records has resulted in electronic medical health sharing system (mHealth), which provides intelligent medical treatment for people. Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted sharing data in mHealth. However, some existing attribute-based mHealth systems not only violate the one-to-many application characteristics of attribute-based encryption mechanism but also destroy the anonymity of user. In this study, an efficient scheme is proposed to tackle the above defaults and offer two-way anonymity of data owner and data user by introducing a pseudoidentity. The computation of hidden access policy is reduced by removing the bilinear pairing, whereas the interaction between cloud storage and data user is avoided to save bandwidth during trapdoor generation. We also consider the temporal factor of the uploaded information by introducing access validity. Security and performance analyses show that the proposed scheme is efficient without reducing security.

Sign in / Sign up

Export Citation Format

Share Document