Article

Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems

Abstract

Some of the most challenging issues in data outsourcing scenario are the enforcement of authorization policies and the support of policy updates. Ciphertext-policy attribute-based encryption is a promising cryptographic solution to these issues for enforcing access control policies defined by a data owner on outsourced data. However, the problem of applying the attribute-based encryption in an outsourced architecture introduces several challenges with regard to the attribute and user revocation. In this paper, we propose an access control mechanism using ciphertext-policy attribute-based encryption to enforce access control policies with efficient attribute and user revocation capability. The fine-grained access control can be achieved by dual encryption mechanism which takes advantage of the attribute-based encryption and selective group key distribution in each attribute group. We demonstrate how to apply the proposed mechanism to securely manage the outsourced data. The analysis results indicate that the proposed scheme is efficient and secure in the data outsourcing systems.

... The proposed system also simulated and compared it to the [44], [45] and [46] schemes to expressly demonstrate the effectiveness of the proposed work. The experimental results shown in Fig. 11 imply a clear relationship between the size of the attribute universe and the setup computation time for various schemes ([44], [45], [46]). The computation times for all systems are constant to the number of attributes. ...
... The computation times for all systems are constant to the number of attributes. It means [45], and Jang et al. [46] schemes shows that the proposed work generates more setup calculation time. The proposed work takes into account the list of attributes from 5 to 25. Setup time takes 120 ms with 5 attributes as well as 25 attributes. ...
Article
Full-text available
Fog computing offers a viable solution to the overwhelming demands placed on cloud-based medical data processing, addressing issues related to low latency, storage, and bandwidth optimization for IoT applications. However, fog computing also presents challenges, particularly concerning privacy and security. Attribute-based encryption (ABE) has emerged as a robust cryptographic technique for ensuring the secure sharing of medical data. Despite its potential, existing systems face unresolved issues such as collusion induced by compromised users, trusted third-party attacks, bottleneck concerns in key generation, and inefficient key distribution. This study introduces both user and file-specific attributes-based encryption. It incorporates the Chebyshev chaotic map to generate hash functions, enabling efficient session-based and mutual authenticated key setup in fog-based data-sharing scenarios. The proposed method offers a significant benefit through its authenticated session management, ensuring that confidential data is shared exclusively with authenticated users. Moreover, the approach effectively reduces third-party processing overheads and enhances protection against diverse cryptographic attacks like Sybil attack, replay attack, guessing attack and modify attack. The proposed method effectively addresses crucial security aspects like authenticity, integrity and unpredictability. The comparison of computational and communication times with current systems underscores the significance of integrating ABE and the Chebyshev chaotic map for data sharing on devices with limited resources.
... The policy updating feature in ABE is usually achieved by the technique of proxy re-encryption ABE. The concept of PRE aims to make data sharing more efficient. The basic technique of PRE allows semitrusted parties, the so-called proxies, to transform the ciphertexts. ...
[17,62] | KP
[19] | KP | y
[23] | KP | Central
[24] | CP | Central | Indirect | Indirect
[25] | CP | Central | Direct
[26] | CP | Central | Authority
[29] | KP | Decentral
[27,28] | CP | Decentral
[30] | CP | Decentral | User
[30] | CP | Decentral | User
[32] | KP | Authority
[36] | CP | User | Direct
[31,35] | CP | User
[33,34] | CP | Both
[37,38,40,41] | CP | y
[39] | CP | y | y
[42,43] | CP | y | y | y
[44] | CP | y | y
[45] | CP | y | Direct | y
[46] | CP | y | y | y
[47,48] | CP | Indirect | Indirect
[49] | CP | Indirect
[50] | KP | Indirect | AU
[52,53] | CP | Direct | Direct
[51] | CP | Direct
[54] | KP | Direct | y
[55] | KP | Direct | AU
[58][59][60][61] | CP | y
[57] | CP | Direct | y
[56] | CP
... Chase et al. [23] ( + 1) + ( + 1) ( + 1) + ( + 2)exp ( + 1)pair+ exp Li et al. [24] ( + + 1) + (2 + + ) (2 1 + 1) + (3 + 2)exp
Goyal et al. [17] | Tree | Selective | DBDH
Ostrovsky et al. [19] | LSSS | Selective | DBDH
Lai et al. [62] | LSSS | Full | DBDH
Chase et al. [23] | Threshold | Selective | DBDH
Li et al. [24] | LSSS | Full | New
Yu et al. [25] | LSSS | Selective | q-type
Xue et al. [26] | LSSS | Selective | q-type
Han et al. [29] | Threshold | Selective | q-type
Chase et al. [27] | Threshold | Selective | DBDH
Lewko et al. [28] | LSSS | Full | New
Zhang et al. [30] | LSSS | Selective | q-type
Wang et al. [32] | Tree | Selective | mDBDH
Liu et al. [36] | LSSS | Selective | SDH
Ning et al. [35] | LSSS | Full | q-type
Li et al. [31] | AND | Selective | DBDH, D-lin
Zhang et al. [34] | LSSS | Selective | SDH, new
Ning et al. [33] | LSSS | Full | SDH, new
Nishide et al. [37] | AND | Selective | DBDH, D-lin
Lai et al. [38] | AND | Full | New
Phuong et al. [39] | AND | Selective | DBDH, D-lin
Zhang et al. [41] | LSSS | Full | New
Zhang et al. [40] | LSSS | Full | New
Liang et al. [42] | AND | Selective | ADBDH, CTDH
Luo et al. [43] | AND | Selective | DBDH, CBDH
Liang et al. [44] | LSSS | Full | q-type, new
Yang et al. [45] | Tree | Selective | DBDH
Zhang et al. [46] | AND | Selective | DBDH, D-lin, CBDH
Hur et al. [47] | Tree | Selective | BDH
Yang et al. [48] | LSSS | Selective | q-type
Cui et al. [49] | LSSS | Selective | q-type
Xu et al. [50] | LSSS | Selective | DBDH
Yang et al. [51] | AND | Selective | q-type
Fan et al. [52] | Tree | Full | DBDH
Zhang et al. [53] | AND | Selective | q-type
Lewko et al. [54] | Non-Mono | Selective | q-type
Shi et al. [55] | LSSS | Selective | multilin. DDH
Deng et al. [58] | LSSS | Full | New
Li et al. [61] | LSSS | Full | New
Teng et al. [60] | Threshold | Selective | q-type
Wan et al. [57] | Tree | Selective | BDH
Wang et al. [56] | DNF | Selective | BDH
Wang et al. [59] | Tree | Selective | DBDH
in an indirect manner. ...
... In terms of access policies, the schemes [48,49] supported expressive LSSS-based access structures. The schemes [47,51,52] used tree-based access structures, while [53] only provided access structures with AND-gates. Both user and attribute revocation were realized in [47,48,52,53], while the remaining schemes [49,50,51,54,55] only provided user revocation. ...
Article
Full-text available
Access control, a key feature of digital business models, such as streaming, relies on the implementation of encryption schemes. The diverse use of encryption schemes has led to the development of schemes with a variety of properties. This variety and a lack of comprehensive overview make it difficult for developers to select an appropriate scheme. To bridge this gap, we envision a cryptography encyclopedia. In this survey, we create a sub-encyclopedia for attribute-based encryption (ABE) schemes. More specifically, we provide an overview of relevant features and performance metrics and a taxonomy for ABE schemes. We also perform a performance and feature evaluation of 42 ABE schemes and apply our proposed topology to these approaches.
... Attribute-based encryption (ABE) [1], as a cryptographic method that enables fine-grained access control, attracts widespread attention from IoT researchers [2]. Due to its ability to provide a more flexible and dynamic access management mechanism, ABE encryption technology is particularly well-suited for data sharing and access control in the IoT. ...
... Hur and Noh [2], Liang et al. [4], and Xie et al. [5] proposed efficient CP-ABE schemes that enhance revocation capabilities through unique user identifiers, dual encryption methods, and outsourcing computation services. These approaches address the challenges of secure, fine-grained access control in data outsourcing systems. ...
Article
Full-text available
With the development and application of the Internet of Things (IoT), the volume of data generated daily by IoT devices is growing exponentially. These IoT devices, such as smart wearable devices, produce data containing sensitive personal information. However, since IoT devices and users often operate in untrusted external environments, their encrypted data remain vulnerable to potential privacy leaks and security threats from malicious coercion. Additionally, access control and management of these data remain critical issues. To address these challenges, this paper proposes a novel coercion-resistant ciphertext-policy attribute-based encryption scheme. The scheme leverages chameleon hashing to enhance deniable encryption, achieving coercion resistance, thereby enabling IoT data to resist coercion attacks. Moreover, the scheme employs attribute-based encryption to secure IoT data, enabling fine-grained access control and dynamic user access management, providing a secure and flexible solution for vast IoT data. We construct the scheme on a composite order bilinear group and provide formal proofs for its coercion resistance, correctness, and security. Finally, through experimental comparisons, we demonstrate the efficiency and feasibility of the proposed scheme.
... Specifically, machine learning algorithms are employed to monitor and analyze cloud storage environments in real-time, detecting potential threats and anomalies as they arise [10]. Concurrently, blockchain technology is utilized to secure access controls, ensuring that all data transactions are transparent, immutable, and resistant to tampering [11]. ...
... Beyond threat detection, ML has also been applied to optimize access control mechanisms in cloud environments. Hur J, Noh DK [11] proposed a dynamic access control framework that leverages machine learning to adapt to changing user behavior, thereby reducing the risk of unauthorized access. This flexible strategy has been successful in safeguarding system security while also enhancing operational efficiency. ...
... The summary of related work in terms of the methodology and approaches is depicted in Table 1.
[17] | CP-ABE | × ×
[18] | KP-ABE | × × ×
[19] | ABE | × × ×
[20] | ABE | × × ×
[21] | ABE | × ×
[22] | Fully policy-hidden CP-ABE | × ×
[23] | Hierarchy CP-ABE | × ×
[24] | ABE | × ×
[25] | CP-ABE | × ×
[26] | CP-MA-ABE | × ×
[13] | MA-ABE | × ×
[27] | MA-ABE | × ×
[28] | MA-ABE | × ×
[29] | Chase's scheme | × ×
[30] | MA-ABE | × ×
[31] | MA-ABE | × ×
[32] | ABE | × ×
[33] | Proxy Re-encryption | × ×
[34] | Access control policies | × ×
[35] | MR-ABE | × ×
[14] | CA-CP-ABE | × ×
[36] | AR-ABE | × ×
[37] | AR-ABE | × ×
[38] | Privacy protection | × ×
[39] | CPA and RCCA | × ×
[40] | ABE and CCA | × ×
[41] | CP-ABE | × ×
[42] | Fine-grained access control | × ×
[43] | FS-PKSE | × ×
[44] | MA-ABE | ×
Our Method | MA-CP-ABE
...
... The proposed scheme deals with data outsourcing and enforces authorization policies and policy updates. The authors of [34] suggested the notion of access-control policies and end-user revocation capabilities. The system produces the group keys to the revocation list in this case. ...
Article
Full-text available
Fog computing accredits by utilizing the network edge while still rendering the possibility to interact with the cloud. Nevertheless, the features of fog computing are encountering several security challenges. The security of end users and/or fog servers brings a significant dilemma in implementing fog computing. The computational power of the resources constrains Internet of Things (IoT) devices in the fog-computing environment. Therefore, an attacker can easily attack. The traditional methods like attribute-based encryption (ABE) techniques are inappropriate for resource-constraint devices with protracted computing and limited computational capabilities. In this regard, we investigate a multiauthority ciphertext policy-attribute-based encryption (MA-CP-ABE) method that enables multiauthority attribute revocation and computation outsourcing. Moreover, the encryption and decryption processes of resource-constraint IoT devices are outsourced to the fog nodes. In this way, it also reduces the computational burden of the resource-constraint IoT devices. Hence, we propose MA-CP-ABE for encryption and decryption, attribute revocation and outsourcing by reducing the computational burden and securing the system. We compare the computational offloading approach with the existing techniques to prove that the proposed approach outperforms the existing approaches. The proposed method reduces the operation time for the encryption and decryption process. We outsource cryptography operations to the fog node, reducing the end user’s computational cost. Eventually, simulated outcomes are used to assess the algorithm’s computational cost.
... Therefore, a fixed-size ciphertext helps to reduce the dependency and data traffic. Fixed-size ciphertext schemes use access structure languages that are not very expressive, whereas variable-size ciphertext schemes use access structure languages that are more expressive, enabling the development of APs that are not possible in fixed-size ciphertext schemes [96][97][98]. Ref. [99] also contains ciphertext of the smallest size and is very poorly expressive. ...
... An attribute-wise revocation scheme that is not reliable for the data generator is discussed in [74]. On the other hand, in schemes such as [95,98], there is no need for the producers to download anything following a revocation. Therefore, to enforce the revocation, a producer should always encrypt data using the same public parameters before uploading the ciphertext to the data store. ...
Article
Full-text available
Most data nowadays are stored in the cloud; therefore, cloud computing and its extension—fog computing—are the most in-demand services at the present time. Cloud and fog computing platforms are largely used by Internet of Things (IoT) applications where various mobile devices, end users, PCs, and smart objects are connected to each other via the internet. IoT applications are common in several application areas, such as healthcare, smart cities, industries, logistics, agriculture, and many more. Due to this, there is an increasing need for new security and privacy techniques, with attribute-based encryption (ABE) being the most effective among them. ABE provides fine-grained access control, enables secure storage of data on unreliable storage, and is flexible enough to be used in different systems. In this paper, we survey ABE schemes, their features, methodologies, benefits/drawbacks, attacks on ABE, and how ABE can be used with IoT and its applications. This survey reviews ABE models suitable for IoT platforms, taking into account the desired features and characteristics. We also discuss various performance indicators used for ABE and how they affect efficiency. Furthermore, some selected schemes are analyzed through simulation to compare their efficiency in terms of different performance indicators. As a result, we find that some schemes simultaneously perform well in one or two performance indicators, whereas none shines in all of them at once. The work will help researchers identify the characteristics of different ABE schemes quickly and recognize whether they are suitable for specific IoT applications. Future work that may be helpful for ABE is also discussed.
... However, the above schemes only support coarse-grained user revocation. Hur et al. (2010) introduced the concept of attribute groups, providing a foundation for fine-grained attribute revocation. Wang et al. (2018) proposed a revocation method that involves a third party's assistance, and the user's key consists of two parts: user key and group key. ...
Article
An effective method to protect cloud data is access control. But, the efficiency of key distribution by a single authority is low, and it is difficult to achieve dynamic attribute revocation when system properties are shared by multiple users. Existing attribute revocation mechanisms face challenges in terms of functional complexity and computational efficiency, which hinder their practical application. To address these issues, this paper put forward a Hierarchical CP-ABE scheme with Traceable Fine-grained User Revocation for Cloud Storage (FUR-HABE). In this scheme, most of the decryption calculations are outsourced to cloud servers. It employs a layered key authorization mechanism to provide flexible and scalable key delegation. Additionally, the scheme supports key encapsulation key (KEK) attribute revocation and user revocation to accommodate different revocation needs, enabling flexible revocation.
... The drawback is that the authority needs to be online constantly for updates, and the owner needs to determine the expiration date with the authority when publishing the ciphertext. Hur et al. [12] proposed a CP-ABE-based access control scheme with efficient attribute and user revocation functions. However, the scheme's group keys and attribute keys are independent, making it vulnerable to collusion attacks between non-revoked and revoked users. ...
Article
Full-text available
With the development of cloud computing and big data, data security and privacy protection in multi-user environments have become particularly important. Existing encryption schemes exhibit significant deficiencies in addressing the flexible revocation of user attributes and dynamic changes in access permissions, leading to unauthorized users illicitly accessing and tampering with data. Therefore, we propose a Blockchain-based Traceable Multi-Level Revocable Attribute-Based Encryption Scheme (BTMAR-ABE). This scheme combines the advantages of Attribute-Based Encryption (ABE) technology and blockchain, achieving real-time attribute updates and verification through smart contracts, thereby avoiding reliance on a single centralized management server and introducing uniquely associated random numbers to prevent collusion attacks. To achieve flexible and secure data access control, we designed a multi-level revocation mechanism for both temporary and permanent revocation to address short-term and long-term permission change requirements. Performance evaluation and security analysis indicate that the BTMAR-ABE scheme can effectively resist chosen plaintext attacks, attribute revocation attacks, and collusion attacks, while demonstrating significant efficiency advantages in computational cost. Simulation results further demonstrate that this scheme has high practical value in data security and access control.
... In terms of data sharing, there have been numerous studies focusing on data security and privacy leakage during the process of data sharing. Many encryption technologies have been applied in their researches, including attribute-based encryption [46], [49], proxy re-encryption [47], [50], [51], SGX [11], [48], etc. In [46], ABE technology is used to encrypt each patient's personal health record (PHR) to achieve fine-grained and extensible data access control. ...
Article
Full-text available
In our data-centric society, major service providers have access to vast amounts of user information (e.g., user-generated content such as social media posts, and device-generated content such as geolocation data) for convenient and efficient services. There are privacy implications when users authorize share personal data managed by service providers. To make authorization private and controllable, in this paper, we propose a private authorization scheme oriented service providers. A decentralized publicly-verifiable re-encryption method based on IPFS is proposed to minimize the reliance on service providers, by shifting to a distributed storage and computation model. Besides, we propose a trustless authorization authentication method that hides the authorization relationship to protect user privacy. We also evaluate the security of our scheme, as well as its performance to demonstrate utility.
... However, the above schemes only support coarse-grained user revocation. Hur et al. [22] introduced the concept of attribute groups, providing a foundation for fine-grained attribute revocation. Wang et al. [23] proposed a revocation method that involves a third party's assistance and the user's key consists of two parts: user key and group key. ...
Preprint
Full-text available
An effective method to protect cloud data is access control. But, the efficiency of key distribution by a single authority is low, and it is difficult to achieve dynamic attribute revocation when system properties are shared by multiple users. Existing attribute revocation mechanisms face challenges in terms of functional complexity and computational efficiency, which hinder their practical application. To address these issues, this paper put forward a Hierarchical CP-ABE scheme with Traceable Fine-grained User Revocation for Cloud Storage (FUR-HABE). In this scheme, most of the decryption calculations are outsourced to cloud servers. It employs a layered key authorization mechanism to provide flexible and scalable key delegation. Additionally, the scheme supports key encapsulation key (KEK) attribute revocation and user revocation to accommodate different revocation needs, enabling flexible revocation. Experimental results show that the proposed scheme is proven to be IND-CPA secure under the chosen plaintext attack strategy based on the decision-making q-BDHE assumption in the standard model. Compared to related work, this scheme exhibits superiority.
... Zhang et al. [36] proposed a CP-ABE scheme based on an "AND" gate structure with attribute revocation, but this scheme has poor access structure expression abilities. Hur et al. [37] proposed an access control scheme with coercive revocation capabilities to solve a problem in the access permissions caused by changes in the users' identity in the system. They introduced the concept of attribute groups. ...
Article
Full-text available
In smart cities, large amounts of multi-source data are generated all the time. A model established via machine learning can mine information from these data and enable many valuable applications. With concerns about data privacy, it is becoming increasingly difficult for the publishers of these applications to obtain users’ data, which hinders the previous paradigm of centralized training through collecting data on a large scale. Federated learning is expected to prevent the leakage of private data by allowing users to train models locally. The existing works generally ignore architectures designed in real scenarios. Thus, there still exist some challenges that have not yet been explored in federated learning applied in smart cities, such as avoiding sharing models with improper parties under privacy requirements and designing satisfactory incentive mechanisms. Therefore, we propose an efficient attribute-based participant selecting scheme to ensure that only someone who meets the requirements of the task publisher can participate in training under the premise of high privacy requirements, so as to improve the efficiency and avoid attacks. We further extend our scheme to encourage clients to take part in federated learning and provide an audit mechanism using a consortium blockchain. Finally, we present an in-depth discussion of the proposed scheme by comparing it to different methods. The results show that our scheme can improve the efficiency of federated learning by enabling reliable participant selection and promote the extensive use of federated learning in smart cities.
... To solve this problem, many ABE schemes are proposed to reduce the burden of resource-constrained users. For example, outsourcing computing to cloud service providers [45], [53], designing ciphertext of constant size, compacting policy [83] and improving policy management [87]. More concretely, Li et al. [53] presented an outsourcing KP-ABE scheme with efficient query processing, which implements outsourcing key-issuing and outsourcing decryption. ...
Article
Full-text available
The new development trends including Internet of Things (IoT), smart city, enterprises digital transformation and world's digital economy are at the top of the tide. The continuous growth of data storage pressure drives the rapid development of the entire storage market on account of massive data generated. By providing data storage and management, cloud storage system becomes an indispensable part of the new era. Currently, the governments, enterprises and individual users are actively migrating their data to the cloud. Such a huge amount of data can create magnanimous wealth. However, this increases the possible risk, for instance, unauthorized access, data leakage, sensitive information disclosure and privacy disclosure. Although there are some studies on data security and privacy protection, there is still a lack of systematic surveys on the subject in cloud storage system. In this paper, we make a comprehensive review of the literatures on data security and privacy issues, data encryption technology, and applicable countermeasures in cloud storage system. Specifically, we first make an overview of cloud storage, including definition, classification, architecture and applications. Secondly, we give a detailed analysis on challenges and requirements of data security and privacy protection in cloud storage system. Thirdly, data encryption technologies and protection methods are summarized. Finally, we discuss several open research topics of data security for cloud storage.
... Exceptionally, in DAC-MACS [1], other than proposing a multi authority CP-ABE plot for cloud storage, the creators asserted that the attribute renouncement component [5]. The client's entrance authorization relies upon the attributes the client holds in the CP-ABE based access control framework, and each attribute might be controlled by numerous data clients [7]. CP-ABE plot was proposed to totally conceal the entrance strategy. ...
Article
Full-text available
In order to ensure the classification of reappropriated information while also providing adaptable information access to cloud clients whose information is not under their physical control, secure distributed storage is a growing cloud administration trend. One of the most promising methods for verifying the administration's certification is cypher text-policy attribute-based encryption (CP-ABE). Due to the inherent "win big or bust" unscrambling feature of CP-ABE, the adoption of CP-ABE may result in an inescapable security breach known as the abuse of access accreditation (for example, decoding privileges). Here, we focus on two key cases in which a cloud client's access qualification is abused by a semi-believed specialist. CryptCloud+, a distributed storage platform with white-box discernibility and review, is proposed as a way to limit the exploitation of the system. Additionally, we demonstrate the framework's usefulness by conducting studies.
... Similarly, reference [102] also used CP-ABE to manage shared PHR, and introduced the concept of social or professional fields. Literature [103,106] proposed two types of CP-ABE schemes with direct attribute revocation capabilities have been introduced, instead of periodic revocation. ...
Article
Full-text available
Physical sensors, intelligent sensors, and output recommendations are all examples of smart health technology that can be used to monitor patients’ health and change their behavior. Smart health is an Internet-of-Things (IoT)-aware network and sensing infrastructure that provides real-time, intelligent, and ubiquitous healthcare services. Because of the rapid development of cloud computing, as well as related technologies such as fog computing, smart health research is progressively moving in the right direction. Cloud, fog computing, IoT sensors, blockchain, privacy and security, and other related technologies have been the focus of smart health research in recent years. At the moment, the focus in cloud and smart health research is on how to use the cloud to solve the problem of enormous health data and enhance service performance, including cloud storage, retrieval, and calculation of health big data. This article reviews state-of-the-art edge computing methods that have shifted to the collection, transmission, and calculation of health data, which includes various sensors and wearable devices used to collect health data, various wireless sensor technologies, and how to process health data and improve edge performance, among other things. Finally, the typical smart health application cases, blockchain’s application in smart health, and related privacy and security issues were reviewed, as well as future difficulties and potential for smart health services. The comparative analysis provides a reference for the mobile edge computing in healthcare systems.
... In response, researchers have explored the use of attribute-based encryption (ABE) to streamline data sharing and access between users and devices, as evidenced in the literature [8,9]. Hur and Noh [10] proposed a revocable attribute-based encryption system, utilizing a proxy for permission revocation, with the user list being publicly accessible to the proxy. Li et al. [11] applied scalable ABE in cloud computing for sharing personal health records. ...
Article
Full-text available
In virtual power plants, diverse business scenarios involving user data, such as queries, transactions, and sharing, pose significant privacy risks. Traditional attribute-based encryption (ABE) methods, while supporting fine-grained access, fall short of fully protecting user privacy as they require attribute input, leading to potential data leaks. Addressing these limitations, our research introduces a novel privacy protection scheme using zero-knowledge proof and distributed attribute-based encryption (DABE). This method innovatively employs Merkle trees for aggregating user attributes and constructing commitments for zero-knowledge proof verification, ensuring that user attributes and access policies remain confidential. Our solution not only enhances privacy but also fortifies security against man-in-the-middle and replay attacks, offering attribute indistinguishability and tamper resistance. A comparative performance analysis demonstrates that our approach outperforms existing methods in efficiency, reducing time, cost, and space requirements. These advancements mark a significant step forward in ensuring robust user privacy and data security in virtual power plants.
... Although encryption and verification ensure that the service provider does not access or tamper with the data, the access control mechanisms are essential to prevent external attackers from accessing the encrypted database (S. Hur & Noh, 2010; Wei et al., 2021). They serve as gatekeepers that govern data accessibility within an encrypted database. ...
Article
Full-text available
Limited by the local storage resource, data users have to encrypt their data and outsource the encrypted databases to cloud servers to enjoy low-cost, professional data management services, which promotes the rapid development of outsourcing database technology. Despite this, the complex underlying setting and loosely coupled database architecture lead to various security risks and performance bottlenecks, while there is currently no work to achieve a comprehensive evaluation of existing encrypted database solutions from the aspects of underlying settings, security levels, functions, etc. In this work, we first propose an evaluation model to assess SQL functionalities and security from multiple dimensions. Secondly, we categorise the existing SQL query schemes into three categories: software-based construction, hardware-based construction, and hybrid-based construction, that is, a combination of software and hardware components. On this basis, we analyse the framework, advantages, and limitations of classic and state-of-the-art schemes. Finally, we summarise the software-based and hardware-based approaches from dimensions of SQL functionality, security, and efficiency, thus clarifying their ideal application scenarios. Notably, SQL query schemes that exhibit minimal equality of pair leakage and support strong obliviousness can achieve higher levels of security. In addition, hardware-based solutions can achieve more complex SQL queries and superior performance without designing complex and functionally-limited cryptographic tools.
... Therefore, the forward and backward secrecy could not be achieved. Hur et al. [47] proposed a subset cover binary tree-based and indirect revocation scheme. The scheme validated all attributes and stored the path/walk key for the users. ...
Article
The modern medical system is convergence of cutting-edge technologies and advancements in the healthcare environment. In the modern medical system, the storage of electronic health records is generally leased out to third-party cloud service providers (CSPs). But, CSPs cannot be entirely relied upon due to the potential security and privacy issues. This article presents Multi-Authority and Hierarchical Attribute-Based Encryption Scheme (MH-ABE) scheme to promote secure information sharing and protect patient’s privacy. The utilization of CP-ABE in conjunction with multiple Attribute Authorities within the proposed MH-ABE scheme presents a scalable and fine-grained approach to data access control. The proposed MH-ABE scheme incorporates the utilization of a Hierarchical Access Tree to effectively encrypt numerous files concurrently, hence reducing the computational and storage cost. The proposed scheme has also been evaluated using a comparative analysis with existing schemes, emphasizing the assessment of computational and storage costs. The findings of this analysis demonstrate improved performance and efficiency of the proposed ciphertext policy based encryption scheme. The proposed MH-ABE scheme incorporates features such as policy hiding and revocation, and it exhibits resilience against attacks, including collusion resistance, Indistinguishability under chosen-plaintext attack and forward secrecy.
... In this strategy each document is encoded independently and their encryption effectiveness expanded by hierarchical property based encryption scheme. [20] First centre on active schemes for encrypting a single access schemes. This is not possible to share documents to IEEEXplore Digital library. ...
... In contrast, indirect revocation can achieve finer-grained attribute revocation and offers greater flexibility. In 2011, Hur et al. [22] introduced an indirect revocation CP-ABE scheme. Although this scheme supports attribute revocation, it is unable to effectively defend against collaborative attacks initiated by users. ...
Article
The emerging cloud storage technology has significantly improved efficiency and productivity in the traditional electronic healthcare field. However, it has also brought about many security concerns. Ciphertext policy attribute-based encryption (CP-ABE) holds immense potential in achieving fine-grained access control, providing robust security for electronic healthcare data in the cloud. However, current CP-ABE schemes still face issues such as inflexible attribute revocation, relatively lower computational capabilities, and key management. To address these issues, this paper introduces a revocable and traceable undeniable ciphertext policy attribute-based encryption scheme (MA-RUABE). MA-RUABE not only enables fast and accurate data traceability, effectively preventing malicious user key leakage, but also includes a direct revocation feature, significantly enhancing computational efficiency. Furthermore, the introduction of a multi-permission mechanism resolves the issue of centralization of power caused by single-attribute permissions. Furthermore, a security analysis demonstrates that our system ensures resilience against chosen plaintext attacks. Experimental results demonstrate that MA-RUABE incurs lower computational overhead, effectively enhancing system performance and ensuring data-sharing security in cloud-based electronic healthcare systems.
... Other theoretical solutions to this problem were presented in Refs. [32,33], but they suffered from revocation collision attacks, (i.e., a revoked user can collaborate with a non-revoked user to recover the decryption capability of the revoked user accessing data that they could not get separately). ...
Article
Collaborative manufacturing is a key enabler of Industry 4.0 that requires secure data sharing among multiple parties. However, intercompany data-sharing raises important privacy and security concerns, particularly given intellectual property and business-sensitive information collected by many devices. In this paper, we propose a solution that combines four technologies to address these challenges: Attribute-Based Encryption for data access control, blockchain for data integrity and non-repudiation, Hardware Security Modules for authenticity, and the Interplanetary File System for data scalability. We also use OpenID for dynamic client identification and propose a new method for user revocation in Attribute-Based Encryption. Our evaluation shows that the solution can scale up to 2,000,000 clients while maintaining all security guarantees.
Chapter
This paper proposes a new identity, and its underlying meta-data, model. The approach enables secure spanning of identity meta-data across many boundaries such as health-care, financial and educational institutions, including all others that store and process sensitive personal data. It introduces the new concepts of Compound Personal Record (CPR) and Compound Identifiable Data (CID) ontology, which aim to move toward own your own data model. The CID model ensures authenticity of identity meta-data; high availability via unified Cloud-hosted XML data structure; and privacy through encryption, obfuscation and anonymity applied to Ontology-based XML distributed content. Additionally CID via XML ontologies is enabled for identity federation. The paper also suggests that access over sensitive data should be strictly governed through an access control model with granular policy enforcement on the service side. This includes the involvement of relevant access control model entities, which are enabled to authorize an ad-hoc break-glass data access, which should give high accountability for data access attempts.
Article
Ciphertext Policy Attribute-Based Encryption (CP-ABE) is one of the most prevalent cryptographic primitives for realizing privacy and fine-grained access control in cloud computing. However, most of the existing CP-ABE schemes constructed using Pairing-Based Cryptography (PBC) from Discrete Logarithm Problem (DLP) or Diffie Hellman Problem (DHP) assumptions are susceptible to quantum attacks, whereas CP-ABE schemes constructed using lattice-based cryptography based on Learning with Errors (LWE) and Ring-LWE (R-LWE) assumptions are quantum-safe and ensure fine-grained access control. This paper comprehensively surveys the existing Lattice-based CP-ABE (LCP-ABE) schemes based on LWE and R-LWE assumptions. Further, this paper analyzes and compares the security and performance features of existing LCP-ABE schemes. Finally, this paper identifies the open issues and future directions that need further investigation on LCP-ABE schemes.
Article
An efficient revocation of access rights in ciphertext policy attribute-based encryption (CPABE) schemes has multiple challenges, particularly for lightweight devices. Thus, extensive research on the existing studies enforcing and governing access control has been conducted. The methodologies used in the existing CPABE (bilinear pairing cryptography based) schemes to revoke users at the system and attribute levels have been focused on in the current study. The existing studies have been examined on the basis of the following parameters for revocation: type of revocation addressed, level of collusion resistance, dynamicity achieved, scalability of revocation, and computational cost incurred. It has been observed in the study that no single scheme achieves all the revocation properties and addresses both types of revocation. The module proposed in proxy-based and collusion-resistant multi-authority revocable CPABE (PCMR-CPABE) efficiently addresses both types of revocation and is fully collusion-resistant, dynamic, and scalable. The present paper extends the study on PCMR-CPABE and presents a performance analysis of the module in terms of functional specifications and computational cost. The presented analysis has compared the performance of the existing cutting-edge schemes with the PCMR-CPABE module and has proved that the proposed module is better in terms of functionality and is computationally inexpensive.
Article
The cloud-edge collaborative data sharing supporting data confidentiality can be realized by adopting outsourced Attribute-Based Encryption (ABE) schemes. Yet, most existing schemes in such kind of scenarios are facing challenges such as vulnerable terminal devices that are easy to be attacked, lack of flexible authorization management methods for a large number of devices, and lack methods to securely specify on-demand data sharing domains. In this paper, we propose a Domain-specific On-demand Access Control scheme with fully Independent Revocation (DOACIR), which not only realizes a three-layer on-demand data sharing framework for cloud-edge collaborative IoT environments but also allows data uploader to restrict the data sharing domain through a succinct way. The attribute authority and multiple edge servers perform data access authorization collaboratively to improve the data sharing efficiency as well as avoid the key-abuse problem and key-leakage problem. Fully independent user revocation is also realized in DOACIR to flexibly manage terminal devices in IoT. Further, we improve the scheme to support cross-domain data sharing, namely Cross-Domain DOACIR (CD-DOACIR), by improving the encryption phase allowing data uploader to specify any number of sharing domains while the size of ciphertext remains constant. We provide the security proofs of DOACIR and CD-DOACIR, and the experiment results demonstrate the effectiveness and efficiency of our solutions in cloud-edge collaborative on-demand data sharing.
Article
Users have become accustomed to storing data on the cloud using ciphertext policy attribute-based encryption (CP-ABE) for fine-grained access control. However, this encryption method does not consider the ability of malicious users to launch thousands of file download requests when launching an economic denial of sustainability attack (EDoS), which may be more expensive for data owners. Existing solutions typically use a cloud server to verify the download permissions of the data users. However, cloud servers are not completely trusted and cloud server providers and colluding data users can still launch an EDoS attack. With our scheme, using CP-ABE, a blockchain is introduced for verifying the download permission of data users. In addition, we propose a new mechanism to solve the problem of malicious user revocations under EDoS attacks by updating the ciphertext and symmetric encryption technology. A formal security proof has demonstrated that the proposed scheme is suitable for plaintext attack security. Theoretical and experimental analyses show that our scheme performs more efficiently than previous methods.
Article
This paper presents the design and implementation of Personal Health Records and provides security for them while they are stored at a third party such as the cloud. A Personal Health Record is a web-based application that allows people to access and coordinate their lifelong health information. The patient has control over access to their own PHR. To achieve security of personal health records we use attribute-based encryption to encrypt the data before outsourcing it. Here we focus on the multiple-PHR-owner scenario and the division of personal health record users into multiple security domains, which reduces key management complexity for owners and users. A high degree of patient privacy is guaranteed. Our scheme gives the personal health record owner full control of his/her data. Extensive security and performance analysis shows that the proposed scheme is highly efficient.
Article
Vehicle ad hoc networks (VANETs) provide a convenient mobile communication environment for vehicles, pedestrians, and infrastructure. However, data confidentiality, access permission leakage, and privacy disclosure, are major issues of concern in such systems. Therefore, we present a publicly accountable data-sharing scheme for VANETs based on an expressive ciphertext policy attribute-based encryption (CP-ABE) algorithm. In this paper, we use white-box traceability and auditing technology to enforce accountability of both traitors and the key authority, and we employ two authorities to generate user keys collaboratively to weaken the power of one component and prevent the authority from tampering with users' identities. Considering the flexible change of vehicle attributes, we implement the revocation of malicious users or vehicles by updating partial keys and ciphertexts related to revoked user's attributes. Our method also supports attribute revocation and attribute update to deal with the complex and changeable environments of VANETs and achieves privacy preservation by adopting partial policy hiding technology. Multiple fog nodes are deployed at the edge of the cloud server to assist users who are short on resources in completing the encryption and decryption calculations. Comprehensive experimental results indicate that the proposed scheme has many advantages over others in terms of key storage consumption and the computational time consumption of encryption and decryption operations.
Article
As cloud computing is a new emergent technology, despite having many beneficial factors, it faces many threats in various ways. To give the security with degrading the performance. In this project we propose an access control model featuring an efficient key update function in a data outsourcing environment. Our access control is based on the combination of triple DES and role based access control (RBAC). The certificate is distributed in the form of a token generated by the system and sent through the mail for secure transaction. In our project a user’s key is incorporated into the token, which will be used to decrypt the triple DES based on role. This 3DES and RBAC together make a hybrid encryption that can be accessed using the token-generated key of that role user. This significantly reduces the overheads in updating and distributing keys of all users simultaneously compared to the existing 3DES based schemes. Decentralized Multi-Authority ABE (DMA), which is derived from 3DES that is resilient to these types of misbehaviour. Our system distinguishes between a data owner (DO) principal and attribute authorities (AAs): the DO owns the data but allows AAs to arbitrate access by providing attribute labels to users. The data is protected by policy encryption over these attributes. Finally, our system is highly secured as hybrid encryption on 3DES and RBAC secures the data, and the key to decrypt is token generated and shared in the distributed system. The decentralized system helps in parallel computing of the secure transactions between the users efficiently with high performance in the cloud.
Conference Paper
Healthcare Internet of Things (HIoT) systems are a step forward in improving the efficiency and quality of patients’ vital information. The HIoT system collects, encrypts, and outsources the patients’ sensitive data over the cloud server for storage and sharing purposes. Pairing-free ciphertext-policy attribute-based encryption (PF-CPABE) is the prominent solution to provide lightweight and fine-grained access control over shared encrypted healthcare data. However, the existing PF-CPABE constructions suffer from one or more limitations, including a key escrow problem and inefficient user revocation while achieving backward and forward secrecy. In this paper, we propose an Escrow and Pairing Free CP-ABE Scheme (EPFCS) with forward and backward secrecy for HIoT. The proposed EPFCS ensures a key escrow-free HIoT system, facilitates the secure distribution of users’ secret keys without using the secure channel in PF-CPABE, and enables efficient user revocation while achieving forward and backward secrecy even in dynamic healthcare scenarios. The security analysis confirms that the proposed EPFCS ensures confidentiality, key escrow freeness, forward and backward secrecy, and resistance against key collusion attacks. Furthermore, the performance analysis demonstrates that the proposed EPFCS is more effective and efficient in aspects of communication and computation costs than the existing schemes.
Article
Vehicular ad hoc network (VANET), as an important part of intelligent transportation system, attracts more and more attention since it can provide communication about traffic and vehicle conditions, and optimize the transportation. It is noted that it also faces a series of security challenges. One of the core issues is how to achieve secure data sharing and access control. Ciphertext-policy attribute-based encryption (CP-ABE) technique is often used to achieve these goals simultaneously. However, in the execution process of applying CP-ABE to VANET, there are two crucial issues that need to be resolved. One is the key-escrow issue, which means that all vehicles’ secret keys will be leaked once the central attribute authority (CAA) is compromised, and another is the revocation issue of vehicles departing from the current region. In order to resolve these two issues simultaneously, in this paper, we propose an efficient data sharing protocol for VANET with the key-escrow-free and vehicle-revocable properties. More specifically, we design a sub-protocol between CAA and vehicles, which interactively issues secret keys for these vehicles. But CAA does not know any user’s true secret key, which guarantees that it is still secure even if CAA is compromised. In addition, we introduce an entity named group manager, which manages and updates the unrevoked users in the current group. In order to improve the efficiency of the whole system, we adopt the online/offline encryption method for the data owner and outsourced decryption technique for the resource-constrained data users. Finally, the performance analysis shows that our proposed protocol is competitive in the phases of online encryption, key generation and CAA-setup, and thus is useful in the practical applications of VANET.
Article
Nowadays, cloud computing and cloud storage services that can reduce the local workload are becoming increasingly popular, allowing individual and corporate users to upload data to the cloud. Since the user’s permissions in the system are not immutable, the users should have dynamic access. Revocation of users who have been granted access to data is also a strong need for cloud computing systems. In addition, we should ensure the data integrity after the cloud server performs a revocation. To address above issues, we propose a revocable attribute-based encryption scheme that protects the data integrity (RABE-DI). Our scheme is more efficient compared with existing RABE-DI schemes. In addition, we prove the semantic security and integrity of the scheme. Experimental result shows that the similar scheme is not as efficient as ours.
Article
The Industrial Internet is the combination of traditional industry and Internet technology to achieve intelligent, automated, information-based, and networked production modes. From the closed industrial environment to the open Internet network environment, data sharing in the industrial scenario is facing various risks brought by open network. Ciphertext policy attribute-based encryption (CP-ABE) can guarantee industrial data confidentiality while achieving precise and flexible access control. However, the current CP-ABE schemes cannot fully meet the requirements of the Industrial Internet, due to inefficient algorithms, incomplete functionality, poor dynamic monitoring capability, and separation from the Industrial Internet framework. Therefore, this paper proposes a unified CP-ABE data security sharing scheme matching the Industrial Internet framework. To decrease the local calculation cost of the industrial device, outsourced encryption is implemented by using multiple computing nodes to encrypt the subkeys respectively. Online/offline encryption can be outsourced to computing nodes. Attribute revocation can efficiently update the revoked users private key. Search-related costs are all constant. To enhance the dynamic monitoring, trust is set as an attribute and is updated adaptively in time through the attribute revocation algorithm. To further improve the security of data sharing, encapsulation is combined with on-chain ciphertext storage, which not only prevents symmetric ciphertext from being stolen and tampered with, but also modifies the ciphertext component of the key ciphertext as needed. The scheme also realizes functions including outsourced decryption and policy hiding. The scheme can resist the chosen plaintext and keyword attack, and ensure the forward and backward security of attribute revocation. By analysis and experiment, although our scheme achieves massive functions, it also has excellent algorithm efficiency.
Preprint
Ciphertext Policy Attribute Based Encryption (CPABE) emerged as a trusted solution to enforce access control in an untrusted cloud environment. CPABE allows data owners to implement one-to-many encryptions by defining an access policy. The data user’s secret key must comply with the access policy’s requirements before the key can successfully decrypt the ciphertext. However, efficient revocation of access rights in CPABE schemes has multiple challenges, particularly for lightweight devices. Thus, extensive research to enforce and govern access control is an absolute need. The present study reviews the bilinear pairing cryptography-based revocable CPABE schemes. The methodologies used in the existing CPABE schemes to revoke users at the system and attribute levels have been focused on in the current study. The module proposed in Proxy-based and Collusion-Resistant Multi-Authority Revocable CPABE (PCMR-CPABE) efficiently addresses the revocation issue. The present paper extends the study on PCMR-CPABE and presents a performance analysis of the module. The presented analysis has compared the computational cost of the existing cutting-edge schemes with the PCMR-CPABE module. The study has proved that the proposed module is computationally inexpensive.
Article
Attribute based encryption (ABE) is a cryptographic technique allowing fine-grained access control by enabling one-to-many encryption. Existing ABE constructions suffer from at least one of the following limitations. First, single point of failure on security meaning that, once an authority is compromised, an adversary can either easily break the confidentiality of the encrypted data or effortlessly prevent legitimate users from accessing data; second, the lack of user and/or attribute revocation mechanism achieving forward and backward secrecy; third, a heavy computation workload is placed on data user; last but not least, the lack of adaptive security in standard models. In this paper, we propose the first single-point-of-failure free multi-authority ciphertext-policy ABE that simultaneously (1) ensures robustness for both decryption key issuing and access revocation while achieving both backward and forward secrecy; (2) enables outsourced decryption to reduce the decryption overhead for data users that have limited computational resources; and (3) achieves adaptive (full) security in standard models. The provided theoretical complexity comparison as well as the conducted experiments show that our construction introduces linear storage and computation overheads that occurs only once during its setup phase, which we believe to be a reasonable price to pay to achieve all previous features.
Article
Internet of Things (IoTs) has been a burgeoning field that transforms the ubiquitous objects to interconnected devices and intelligent system. Today, with the emergence of innovative technologies such as cloud computing, the IoT sector is in a race to leverage these novel technologies to achieve optimal performance. Naturally the Digital Twins (DTs) architecture acts as an indispensable intermediary bridge to couple the IoT domain with these latest technologies together. However, a tremendous obstacle is that the current Revocable Attribute-Based Encryption (RABE) schemes applied in the DTs paradigm fail to balance the efficiency, security and scalability simultaneously. In this paper, we tackle this challenge by presenting an unbounded and efficient direct RABE scheme with adaptive security. Compared with the previous schemes in this domain, our approach achieves revocable and fine-grained access control efficiently by employing the arithmetic span program (ASP) as the access structure. In this way, the expensive bilinear pairing and exponentiation operations are reduced significantly. Moreover, the unbounded property is satisfied in our scheme since the parameters are not required to be predefined in the setup phase. At last, with the support of the Matrix Decisional Diffie-Hellman (MDDH) assumption, the proposed scheme is proved to achieve adaptive security by adopting dual system encryption methodology. Theoretical comparison and implementation results demonstrate our proposed scheme possesses prominent practicability, scalability and efficiency.
Article
With the quick advance of the PC innovation, cloud-based administrations accept angry into a hotly debated issue.
Article
Attribute‐based encryption (ABE) is a prominent cryptographic tool for secure data sharing in the cloud because it can be used to enforce very expressive and fine‐grained access control on outsourced data. The revocation in ABE remains a challenging problem as most of the revocation techniques available today, suffer from the collusion attack. The revocable ABE schemes which are collusion resistant require a semi‐trusted manager to update the secret keys of nonrevoked users in order to achieve revocation. This introduces computation and communication overhead, and also increases the overall security vulnerability. In this paper, we propose two collusion resistant revocable ABE schemes that do not require any semi‐trusted entity. Our first scheme supports revocation at the user‐level that is equivalent to revoking all the attributes from a user. Our second scheme supports revocation at the attribute‐level that enables more fine‐grained revocation by allowing selective attribute(s) revocation from a user. We call them user‐level revocable ABE (ULR‐ABE) and attribute‐level revocable ABE (ALR‐ABE), respectively. For both the schemes, the secret keys of the nonrevoked users are never affected and the decryption algorithm has the same performance as the baseline ABE scheme. We are able to achieve these at the cost of some increase (compared to the baseline scheme) in the size of the secret key and the ciphertext.
Chapter
Cloud computing facilitates data exchange and outsourcing. Any business or organization may exchange data for societal and individual benefit. Organizations lose control of their data when they upload files to the cloud. As a method of restricting access to data in a cloud setting, attribute-based encryption (ABE) has gained popularity. However, current ABE schemes have some limitations. First, contemporary ABE techniques are incapable of depicting the real-world situations of corporate data exchange, particularly when the companies are hierarchically structured. Second, they have scalability constraints when it comes to key management. Third, it is necessary to streamline the revocation methods in order to accommodate hierarchical data sharing. In this paper, we extend our multi-authority scheme HD-MAABE, by incorporating a delegation service between the root master authorities and the domain master authorities, allowing for greater security and scalability. Using mediation server and keeping an attribute revocation list on the cloud server makes the revocation procedure simple. The scheme supports the LSSS policy structure’s adaptability. Proof of security is based on q-parallel BDHE security assumptions. We show that the proposed method is secure as well as computationally and functionally efficient through the use of cost analysis, feature comparison and security analysis.
Keywords: Access control; Attribute-based encryption; Hierarchically structured organizations; Cloud; Data sharing
Article
With the rapid deployment of storage services, secure and efficient user authorization and revocation data shared through the cloud have become a grand challenge hindering cloud data applications. When previous direct and indirect user revocation schemes implemented large-scale user revocation, they faced heavy communication and computational costs. To address these challenges, this study presents a new encryption scheme that combines ciphertext-policy attribute-based encryption (CP-ABE) with puncturable encryption to achieve efficient and flexible user revocation. We design a proxy server to reduce the computational overhead in the decryption phase. Because the puncture process is performed on a semi-honest cloud, we use the digital signature method to verify the correctness of its operation. Furthermore, we prove the security of our scheme under the chosen-plaintext attack (CPA), and compare it with other schemes to highlight its advantages. Numerical analysis and experimental simulation results reveal that our scheme is more suitable than other schemes for use in a cloud environment for user revocation.
Article
Presently, the focus of target detection is shifting towards the integration of information acquired from multiple sensors. When faced with a vast amount of data from various sensors, ensuring data security during transmission and storage in the cloud becomes a primary concern. Data files can be encrypted and stored in the cloud. When using data, the required data files can be returned through ciphertext retrieval, and then searchable encryption technology can be developed. However, the existing searchable encryption algorithms mainly ignore the data explosion problem in a cloud computing environment. The issue of authorised access under cloud computing has yet to be solved uniformly, resulting in a waste of computing power by data users when processing more and more data. Furthermore, to save computing resources, ECS (encrypted cloud storage) may only return a fragment of results in response to a search query, lacking a practical and universal verification mechanism. Therefore, this article proposes a lightweight, fine-grained searchable encryption scheme tailored to the cloud edge computing environment. We generate ciphertext and search trap gates for terminal devices based on bilinear pairs and introduce access policies to restrict ciphertext search permissions, which improves the efficiency of ciphertext generation and retrieval. This scheme allows for encryption and trapdoor calculation generation on auxiliary terminal devices, with complex calculations carried out on edge devices. The resulting method ensures secure data access, fast search in multi-sensor network tracking, and accelerates computing speed while maintaining data security. 
Ultimately, experimental comparisons and analyses demonstrate that the proposed method improves data retrieval efficiency by approximately 62%, reduces the storage overhead of the public key, ciphertext index, and verifiable searchable ciphertext by half, and effectively mitigates delays in data transmission and computation processes.
Conference Paper
Identity-based encryption (IBE) is an exciting alternative to public-key encryption, as IBE eliminates the need for a Public Key Infrastructure (PKI). Any setting, PKI- or identity-based, must provide a means to revoke users from the system. Efficient revocation is a well-studied problem in the traditional PKI setting. However in the setting of IBE, there has been little work on studying the revocation mechanisms. The most practical solution requires the senders to also use time periods when encrypting, and all the receivers (regardless of whether their keys have been compromised or not) to update their private keys regularly by contacting the trusted authority. We note that this solution does not scale well - as the number of users increases, the work on key updates becomes a bottleneck. We propose an IBE scheme that significantly improves key-update efficiency on the side of the trusted party (from linear to logarithmic in the number of users), while staying efficient for the users. Our scheme builds on the ideas of the Fuzzy IBE primitive and binary tree data structure, and is provably secure.
Conference Paper
Full-text available
Online social networks (OSNs) are immensely popular, with some claiming over 200 million users. Users share private content, such as personal information or photographs, using OSN applications. Users must trust the OSN service to protect personal information even as the OSN provider benefits from examining and sharing that information. We present Persona, an OSN where users dictate who may access their information. Persona hides user data with attribute-based encryption (ABE), allowing users to apply fine-grained policies over who may view their data. Persona provides an effective means of creating applications in which users, not the OSN, define policy over access to private data. We demonstrate new cryptographic mechanisms that enhance the general applicability of ABE. We show how Persona provides the functionality of existing online social networks with additional privacy benefits. We describe an implementation of Persona that replicates Facebook applications and show that Persona provides acceptable performance when browsing privacy-enhanced web pages, even on mobile devices.
Article
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two proposed applications: a HIPAA compliant distributed file system and a social network. A performance analysis and characterization of ABE primitives demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.
Article
Revocation is a vital open problem in almost every cryptosystem dealing with malicious behaviors. In ciphertext policy attribute based encryption, unlike traditional public key cryptosystem, different users may hold the same functional secret keys related with the same attribute set leading to additional difficulties in designing revocation mechanism. In this paper, we propose the ciphertext policy attribute based encryption scheme with efficient revocation which can be proved secure in the standard model. Our construction uses linear secret sharing and binary tree techniques as the underlying tools. In addition to assigned attribute set, each user is also assigned with a unique identifier. Therefore, a user can be easily revoked by using his/her unique identifier; on the other hand, the encryption and decryption algorithms of ABE (Attribute Based Encryption) can be done without any involvement of these unique identifiers. Then, we prove the chosen plaintext security of our construction based on Decisional Bilinear Diffie-Hellman (DBDH) assumption in the standard model. Finally, we provide some discussion on the efficiency of our scheme and the extensions including delegation capability and chosen ciphertext security.
Conference Paper
As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumes Hierarchical Identity-Based Encryption (HIBE).
Conference Paper
Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. In CP-ABE, each user is associated with a set of attributes and data are encrypted with access structures on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the ciphertext access structure. Beside this basic property, practical applications usually have other requirements. In this paper we focus on an important issue of attribute revocation which is cumbersome for CP-ABE schemes. In particular, we resolve this challenging issue by considering more practical scenarios in which semi-trustable on-line proxy servers are available. As compared to existing schemes, our proposed solution enables the authority to revoke user attributes with minimal effort. We achieve this by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Formal analysis shows that our proposed scheme is provably secure against chosen ciphertext attacks. In addition, we show that our technique can also be applicable to the Key-Policy Attribute Based Encryption (KP-ABE) counterpart.
Conference Paper
Data outsourcing is becoming today a successful solution that allows users and organizations to exploit external servers for the distribution of resources. Some of the most challenging issues in such a scenario are the enforcement of authorization policies and the support of policy updates. Since a common approach for protecting the outsourced data consists in encrypting the data themselves, a promising approach for solving these issues is based on the combination of access control with cryptography. This idea is in itself not new, but the problem of applying it in an outsourced architecture introduces several challenges. In this paper, we first illustrate the basic principles on which an architecture for combining access control and cryptography can be built. We then illustrate an approach for enforcing authorization policies and supporting dynamic authorizations, allowing policy changes and data updates at a limited cost in terms of bandwidth and computational power.
Conference Paper
Attributes define, classify, or annotate the datum to which they are assigned. However, traditional attribute architectures and cryptosystems are ill-equipped to provide security in the face of diverse access requirements and environments. In this paper, we introduce a novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives. A policy system that meets the needs of complex policies is defined and illustrated. Based on the needs of those policies, we propose cryptographic optimizations that vastly improve enforcement efficiency. We further explore the use of such policies in two example applications: a HIPAA compliant distributed file system and a social network. A performance analysis of our ABE system and example applications demonstrates the ability to reduce cryptographic costs by as much as 98% over previously proposed constructions. Through this, we demonstrate that our attribute system is an efficient solution for securely managing information in large, loosely-coupled, distributed systems.
Conference Paper
Attribute-based encryption (ABE) system enables an access control mechanism over encrypted data by specifying access policies among private keys and ciphertexts. There are two flavors of ABE, namely key-policy and ciphertext-policy, depending on which of private keys or ciphertexts that access policies are associated with. In this paper we propose a new cryptosystem called Broadcast ABE for both flavors. Broadcast ABE can be used to construct ABE systems with direct revocation mechanism. Direct revocation has a useful property that revocation can be done without affecting any non-revoked users; in particular, it does not require users to update keys periodically. For key-policy variant, our systems appear to be the first fully-functional directly revocable schemes. For ciphertext-policy variant, our systems improve the efficiency from the previously best revocable schemes; in particular, one of our schemes admits ciphertext and private key sizes roughly the same as the currently best (non-revocable) ciphertext-policy ABE. Broadcast ABE can also be utilized to construct multi-authority ABE in the disjunctive setting.
Conference Paper
Data outsourcing is emerging today as a successful paradigm allowing users and organizations to exploit external services for the distribution of resources. A crucial problem to be addressed in this context concerns the enforcement of selective authorization policies and the support of policy updates in dynamic scenarios. In this paper, we present a novel solution to the enforcement of access control and the management of its evolution. Our proposal is based on the application of selective encryption as a means to enforce authorizations. Two layers of encryption are imposed on data: the inner layer is imposed by the owner for providing initial protection, the outer layer is imposed by the server to reflect policy modifications. The combination of the two layers provides an efficient and robust solution. The paper presents a model, an algorithm for the management of the two layers, and an analysis to identify and therefore counteract possible information exposure risks.
Conference Paper
In Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a user secret key is associated with a set of attributes, and the ciphertext is associated with an access policy over attributes. The user can decrypt the ciphertext if and only if the attribute set of his secret key satisfies the access policy specified in the ciphertext. Several CP-ABE schemes have been proposed; however, some practical problems, such as attribute revocation, still need to be addressed. In this paper, we propose a mediated Ciphertext-Policy Attribute-Based Encryption (mCP-ABE) which extends CP-ABE with instantaneous attribute revocation. Furthermore, we demonstrate how to apply the proposed mCP-ABE scheme to securely manage Personal Health Records (PHRs).
Conference Paper
Protecting identity in the Internet age requires the ability to go beyond the identification of explicitly identifying information like social security numbers, to also find the broadly-held attributes that, when taken together, are identifying. We present a system that can work in conjunction with natural language processing algorithms or user-generated tags, to protect identifying attributes in text. The system uses a new attribute-based encryption protocol to control access to such identifying attributes and thus protects identity. The system supports the definition of user access rights based on role or identity. We extend the existing model of attribute-based encryption to support threshold access rights and provide a heuristic instantiation of revocation.
Article
Group communication can benefit from IP multicast to achieve scalable exchange of messages. However, there is a challenge of effectively controlling access to the transmitted data. IP multicast by itself does not provide any mechanisms for preventing nongroup members to have access to the group communication. Although encryption can be used to protect messages exchanged among group members, distributing the cryptographic keys becomes an issue. Researchers have proposed several different approaches to group key management. These approaches can be divided into three main classes: centralized group key management protocols, decentralized architectures and distributed key management protocols. The three classes are described here and an insight given to their features and goals. The area of group key management is then surveyed and proposed solutions are classified according to those characteristics.
Article
We construct an Attribute-Based Encryption (ABE) scheme that allows a user's private key to be expressed in terms of any access formula over attributes. Previous ABE schemes were limited to expressing only monotonic access structures. We provide a proof of security for our scheme based on the Decisional Bilinear Diffie-Hellman (BDH) assumption. Furthermore, the performance of our new scheme compares favorably with existing, less-expressive schemes.
Article
We deal with the problem of a center sending a message to a group of users such that some subset of the users is considered revoked and should not be able to obtain the content of the message. We concentrate on the stateless receiver case, where the users do not (necessarily) update their state from session to session. We present a framework called the Subset-Cover framework, which abstracts a variety of revocation schemes including some previously known ones. We provide sufficient conditions that guarantee the security of a revocation algorithm in this class. We describe two explicit Subset-Cover revocation algorithms; these algorithms are very flexible and work for any number of revoked users. The schemes require storage at the receiver of $\log N$ and $\frac{1}{2}\log^2 N$ keys respectively ($N$ is the total number of users), and in order to revoke $r$ users the required message lengths are of $r \log N$ and $2r$ keys respectively. We also provide a general traitor tracing mechanism that can be integrated with any Subset-Cover revocation scheme that satisfies a “bifurcation property”. This mechanism does not need an a priori bound on the number of traitors and does not expand the message length by much compared to the revocation of the same set of traitors. The main improvements of these methods over previously suggested methods, when adopted to the stateless scenario, are: (1) reducing the message length to $O(r)$ regardless of the coalition size while maintaining a single decryption at the user’s end; (2) providing a seamless integration between the revocation and tracing so that the tracing mechanisms do not require any change to the revocation algorithm.
Conference Paper
In several distributed systems a user should only be able to access data if a user possesses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call Ciphertext-Policy Attribute-Based Encryption. By using our techniques encrypted data can be kept confidential even if the storage server is untrusted; moreover, our methods are secure against collusion attacks. Previous Attribute-Based Encryption systems used attributes to describe the encrypted data and built policies into user's keys; while in our system attributes are used to describe a user's credentials, and a party encrypting data determines a policy for who can decrypt. Thus, our methods are conceptually closer to traditional access control methods such as Role-Based Access Control (RBAC). In addition, we provide an implementation of our system and give performance measurements.
Conference Paper
We introduce a new type of Identity-Based Encryption (IBE) scheme that we call Fuzzy Identity-Based Encryption. In Fuzzy IBE we view an identity as a set of descriptive attributes. A Fuzzy IBE scheme allows for a private key for an identity, ω, to decrypt a ciphertext encrypted with an identity, ω′, if and only if the identities ω and ω′ are close to each other as measured by the “set overlap” distance metric. A Fuzzy IBE scheme can be applied to enable encryption using biometric inputs as identities; the error-tolerance property of a Fuzzy IBE scheme is precisely what allows for the use of biometric identities, which inherently will have some noise each time they are sampled. Additionally, we show that Fuzzy-IBE can be used for a type of application that we term “attribute-based encryption”. In this paper we present two constructions of Fuzzy IBE schemes. Our constructions can be viewed as an Identity-Based Encryption of a message under several attributes that compose a (fuzzy) identity. Our IBE schemes are both error-tolerant and secure against collusion attacks. Additionally, our basic construction does not use random oracles. We prove the security of our schemes under the Selective-ID security model.
IEEE TRANSACTIONS ON PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 22, NO. 7, JULY 2011. J. Hur is with the University of Illinois at Urbana-Champaign, 4101 Siebel Center, 201 North Goodwin Avenue, Urbana, IL 61801-2302.
E-mail: nsd0923@gmail.com. D.K. Noh is with the Pai Chai University, 412 Information Science Building, 14 Yeon-Ja Gil, Seo-gu, Daejeon 302-735, Republic of Korea. E-mail: donggeon.noh@gmail.com. Manuscript received 26 May 2010; revised 4 Sept. 2010; accepted 20 Sept. 2010; published online 8 Nov. 2010. Recommended for acceptance by J.C.S. Lui. For information on obtaining reprints of this article, please send e-mail to: tpds@computer.org, and reference IEEECS Log Number TPDS-2010-05-0316.