Efficient Data Access Control for Cloud Computing With Large Universe and Traceable Attribute-Based Encryption

2020 ◽  
Vol 9 (4) ◽  
pp. 61-81
Author(s):  
G. Sravan Kumar
Keyword(s):  
Access Control ◽  
Data Access ◽  
Fine Grained ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Efficient Data ◽  
Commercial Applications ◽  
Setup Phase ◽  
Ciphertext Policy ◽  
Access Policies

Ciphertext-policy attribute-based encryption (CP-ABE) schemes provide fine-grained access control for the data stored in cloud computers. However, commercial CP-ABE applications need a new encryption scheme for providing two properties such as: supporting large universe attribute and traceability. First, a large universe attribute allows the attribute authority to use any number of attributes in the system. i.e., the attribute universe is dynamic, and it is not fixed at the setup phase. Second, traceable CP-ABE systems trace the dishonest users who intentionally leak the private key for their profit. In this article, a large universe CP-ABE system with white box traceability has been proposed. The attribute universe of the proposed technique is exponentially larger, and it is polynomially unbound. Further, this technique will trace the identity of users who involve in malicious activities. In addition, the proposed scheme can express any kind of monotonic tree access policies into linear secret sharing structure (LSSS). Compared with the existing schemes that are presented to achieve the same property, proposed scheme has achieved better experimental results and so it is applicable for commercial applications.

scholarly journals Secure Data Access Control with Cipher Text Update and Computation Outsourcing in Fog Computing for Internet of Things

2021 ◽  
Vol 12 (2) ◽  
pp. 1592-1597
Author(s):  
Shaik Jaffer Vali , Et. al.
Keyword(s):  
Access Control ◽  
Fog Computing ◽  
Information Access ◽  
Security Analysis ◽  
Data Access ◽  
The Novel ◽  
Fine Grained ◽  
Cipher Text ◽  
Data Access Control ◽  
Ciphertext Policy

Fog Computing is a region of Computer Science that is under steady construction and development, and related to data security, the worldview turns out to be more solid and secure for IoT's edge stages. The verification of limited memory devices has serious issues since memory utilization is high when applied with different models that have the motivation behind shared confirmation. In this paper, we propose the Novel cipher text-based encryption model (NCEM) which has an information access control plot dependent on Ciphertext-Policy it give information privacy, fine-grained control, and mysterious validation in a multi-authority fog computing framework. The sign cryption and plan cryption overhead for the client is altogether diminished by redistributing the bothersome calculation tasks to fog hubs. The proposed conspire is demonstrated to be secure in the standard model and can give trait repudiation and public unquestionable status. The security analysis, asymptotic multifaceted nature examination, and implementation results demonstrate that our construction can offset the security objectives with useful effectiveness in calculation.

scholarly journals Multi-Level Attribute-Based Encryption Access Control Scheme for Big Data

2018 ◽  
Vol 173 ◽  
pp. 03047
Author(s):  
Zhao Li ◽  
Shuiyuan Huan
Keyword(s):  
Big Data ◽  
Access Control ◽  
Data Processing ◽  
Data Access ◽  
Big Data Processing ◽  
Fine Grained ◽  
Computational Overhead ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Multi Level

There are many security threats such as data’s confidentiality and privacy protection in the new application scenario of big data processing, and for the problems such as coarse granularity and low sharing capability existing in the current research on big data access control, a new model to support fine-grained access control and flexible attribute change is proposed. Based on CP-ABE method, a multi-level attribute-based encryption scheme is designed to solve fine-grained access control problem. And to solve the problem of attribute revocation, the technique of re-encryption and version number tag is integrated into the scheme. The analysis shows that the proposed scheme can meet the security requirement of access control in big data processing environment, and has an advantage in computational overhead compared with the previous schemes.

scholarly journals Multi-Authority Criteria-Based Encryption Scheme for IoT

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Jianguo Sun ◽  
Yang Yang ◽  
Zechao Liu ◽  
Yuqing Qiao
Keyword(s):  
Data Access ◽  
Sensitive Information ◽  
Time Data ◽  
Access Policy ◽  
Fine Grained ◽  
Data Access Control ◽  
Diffie Hellman ◽  
Efficient Data ◽  
Real Time Data Processing ◽  
Ciphertext Policy

Currently, the Internet of Things (IoT) provides individuals with real-time data processing and efficient data transmission services, relying on extensive edge infrastructures. However, those infrastructures may disclose sensitive information of consumers without authorization, which makes data access control to be widely researched. Ciphertext-policy attribute-based encryption (CP-ABE) is regarded as an effective cryptography tool for providing users with a fine-grained access policy. In prior ABE schemes, the attribute universe is only managed by a single trusted central authority (CA), which leads to a reduction in security and efficiency. In addition, all attributes are considered equally important in the access policy. Consequently, the access policy cannot be expressed flexibly. In this paper, we propose two schemes with a new form of encryption named multi-authority criteria-based encryption (CE) scheme. In this context, the schemes express each criterion as a polynomial and have a weight on it. Unlike ABE schemes, the decryption will succeed if and only if a user satisfies the access policy and the weight exceeds the threshold. The proposed schemes are proved to be secure under the decisional bilinear Diffie–Hellman exponent assumption (q-BDHE) in the standard model. Finally, we provide an implementation of our works, and the simulation results indicate that our schemes are highly efficient.

scholarly journals A Fine-Grained IoT Data Access Control Scheme Combining Attribute-Based Encryption and Blockchain

2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Xiaofeng Lu ◽  
Songbing Fu ◽  
Cheng Jiang ◽  
Pietro Lio
Keyword(s):  
Access Control ◽  
Distributed Storage ◽  
Data Access ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Fine Grained ◽  
Blockchain Technology ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Control Scheme

IoT technology has been widely valued and applied, and the resulting massive IoT data brings many challenges to the traditional centralized data management, such as performance, privacy, and security challenges. This paper proposes an IoT data access control scheme that combines attribute-based encryption (ABE) and blockchain technology. Symmetric encryption and ABE algorithms are utilized to realize fine-grained access control and ensure the security and openness of IoT data. Moreover, blockchain technology is combined with distributed storage to solve the storage bottleneck of blockchain systems. Only the hash values of the data, the hash values of the ciphertext location, the access control policy, and other important information are stored on the blockchain. In this scheme, smart contract is used to implement access control. The results of experiments demonstrate that the proposed scheme can effectively protect the security and privacy of IoT data and realize the secure sharing of data.

Fine-Grained Access Control with Efficient Revocation in Cloud Storage

2014 ◽  
Vol 571-572 ◽  
pp. 79-89
Author(s):  
Ting Zhong ◽  
You Peng Sun ◽  
Qiao Liu
Keyword(s):  
Access Control ◽  
Cloud Storage ◽  
Storage System ◽  
Fine Grained ◽  
Computational Overhead ◽  
Attribute Based Encryption ◽  
Encrypt Data ◽  
User Revocation ◽  
Ciphertext Policy ◽  
Access Policies

In the cloud storage system, the server is no longer trusted, which is different from the traditional storage system. Therefore, it is necessary for data owners to encrypt data before outsourcing it for sharing. Simultaneously, the enforcement of access policies and support of policies updates becomes one of the most challenging issues. Ciphertext-policy attribute-based encryption (CP-ABE) is an appropriate solution to this issue. However, it comes with a new obstacle which is the attribute and user revocation. In this paper, we propose a fine-grained access control scheme with efficient revocation based on CP-ABE approach. In the proposed scheme, we not only realize an efficient and immediate revocation, but also eliminate some burden of computational overhead. The analysis results indicate that the proposed scheme is efficient and secure for access control in cloud storage systems.

scholarly journals A Review of fine grained access control techniques

2018 ◽  
Vol 7 (2.7) ◽  
pp. 20 ◽  
Author(s):  
Rakesh Shirsath ◽  
Dr K. V. Daya Sagar
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Access ◽  
Control Approach ◽  
Access Policy ◽  
Fine Grained ◽  
Data Access Control ◽  
Encrypt Data ◽  
Cloud Server ◽  
Access Policies

Nowadays cloud computing is most demanding technology where computing resources are availed as per demand through Internet. Cloud computing model also brings many challenges for confidentiality, integrity, privacy of data and data access control. As cloud computing develops vigorously, an increasing number of enterprises and individuals are motivated to upload their data sources to the public cloud server for sharing. It is not entirely credible for enterprises and individuals to transfer data owing to the openness of the cloud server, so they must encrypt data before uploading and also loose direct control of data. Therefore, an elastic access control or fine-grained access control approach for data is urgently required and becomes a challenging open problem. In this paper, the issue of access control is discussed by defining traditional access policies. Attribute based access policy is analysed with its types. Finally, comparison is made among all policies with respect to various parameters.

scholarly journals A Key-Policy Searchable Attribute-Based Encryption Scheme for Efficient Keyword Search and Fine-Grained Access Control over Encrypted Data

Electronics ◽  
2019 ◽  
Vol 8 (3) ◽  
pp. 265 ◽  
Author(s):  
Hui Yin ◽  
Yinqiao Xiong ◽  
Jixin Zhang ◽  
Lu Ou ◽  
Shaolin Liao ◽  
...  
Keyword(s):  
Access Control ◽  
Large Scale ◽  
Keyword Search ◽  
Data Access ◽  
Encryption Scheme ◽  
Encrypted Data ◽  
Fine Grained ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Key Policy

Attribute based encryption is a promising technique that achieves flexible and fine-grained data access control over encrypted data, which is very suitable for a secure data sharing environment such as the currently popular cloud computing. However, traditional attribute based encryption fails to provide an efficient keyword based search on encrypted data, which somewhat weakens the power of this encryption technique, as search is usually the most important approach to quickly obtain data of interest from large-scale dataset. To address this problem, attribute based encryption with keyword search (ABKS) is designed to achieve fine-grained data access control and keyword based search, simultaneously, by an ingenious combination of attribute based encryption and searchable encryption. Recently, several ABKS schemes have been constructed in secure cloud storage system for data access control and keyword search. Nonetheless, each of these schemes has some defects such as impractical computation overhead and insufficient access policy expression. To overcome these limitations, in this paper, we design a Key-Policy Searchable Attribute-based Encryption Scheme (KPSABES) based on the full-blown key-policy attribute-based encryption proposed by Vipul Goyal et al. By novel design, our scheme not only inherits all advantages of that scheme but also achieves efficient and secure keyword search over encrypted data. We provide the detailed performance analyses and security proofs for our scheme. Extensive experiments demonstrated that our proposed scheme is superior in many aspects to the similar work.

Sign in / Sign up

Export Citation Format

Share Document