Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems

IEEE Transactions on Parallel and Distributed Systems (Impact Factor: 2.17). 08/2011; 22(7):1214 - 1221. DOI: 10.1109/TPDS.2010.203
Source: IEEE Xplore


Some of the most challenging issues in data outsourcing scenario are the enforcement of authorization policies and the support of policy updates. Ciphertext-policy attribute-based encryption is a promising cryptographic solution to these issues for enforcing access control policies defined by a data owner on outsourced data. However, the problem of applying the attribute-based encryption in an outsourced architecture introduces several challenges with regard to the attribute and user revocation. In this paper, we propose an access control mechanism using ciphertext-policy attribute-based encryption to enforce access control policies with efficient attribute and user revocation capability. The fine-grained access control can be achieved by dual encryption mechanism which takes advantage of the attribute-based encryption and selective group key distribution in each attribute group. We demonstrate how to apply the proposed mechanism to securely manage the outsourced data. The analysis results indicate that the proposed scheme is efficient and secure in the data outsourcing systems.

274 Reads
  • Source
    • "A new user can be allotted a new attribute by AA or any existing group user may lose the attribute to revoke their access rights. Though, existing attribute revocation schemes [10] [11] [12] [13] [14] [15] depends too on a trustworthy server or are short of efficiency, those were not appropriate to tackle with the attribute revocation issues in data access management in multi-authority based data storage systems. "

    International Journal of Computer Applications 11/2015; 129(1):975-8887. DOI:10.5120/ijca2015906807
  • Source
    • "Since the introduction of ABE, there have been advances in multiple directions . The application of outsourcing computation [18], [19] is one of an important direction. Green et al. [2] designed the first ABE with outsourced decryption scheme to reduce the computation cost during decryption . "

    IEEE Transactions on Parallel and Distributed Systems 01/2015; DOI:10.1109/TPDS.2015.2392752 · 2.17 Impact Factor
  • Source
    • "Aiming at reducing the computation overhead of data service manager, Xie et al. [44] proposed new CP-ABE construction with efficient user and attribute revocation. Compared with Hur and Noh's [43], in the key update phase, the computation overhead of the data service manager will be reduced by half. "
    [Show abstract] [Hide abstract]
    ABSTRACT: With the development of cryptography, the attribute-based encryption (ABE) draws widespread attention of the researchers in recent years. The ABE scheme, which belongs to the public key encryption mechanism, takes attributes as public key and associates them with the ciphertext or the user's secret key. It is an efficient way to solve open problems in access control scenarios, for example, how to provide data confidentiality and expressive access control at the same time. In this paper, we survey the basic ABE scheme and its two variants: the key-policy ABE (KP-ABE) scheme and the ciphertext-policy ABE (CP-ABE) scheme. We also pay attention to other researches relating to the ABE schemes, including multiauthority, user/attribute revocation, accountability, and proxy reencryption, with an extensive comparison of their functionality and performance. Finally, possible future works and some conclusions are pointed out.
    07/2014; 2014:193426. DOI:10.1155/2014/193426
Show more