Abstract
With the popular application of cloud storage and the diversification of terminal devices, especially the widespread popularization of smart terminals. Users have more and more requirements for how to access information in the cloud safely and efficiently. Ciphertext policy attribute-based encryption (CP-ABE) is an effective method to achieve fine-grained access control of cloud data. However, the large decryption overhead is a potential problem of attribute-based encryption. In this paper, a CP-ABE access control scheme based on proxy re-encryption is proposed, it helps markedly reduce the user’s decryption overhead. Meanwhile, attribute revocation is provided for key update while ensuring fine-grained access control, and an improved decryption key generation method is proposed, which solves the data leakage problem caused by illegal stealing private key in the traditional CP-ABE scheme. A comparison with other CP-ABE schemes shows that our scheme has better decryption performance for mobile devices accessing cloud data.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Sukhodolskiy, I.A., Zapechnikov, S.V.: An access control model for cloud storage using attribute-based encryption. In: Young Researchers in Electrical and Electronic Engineering, pp. 578–581. IEEE (2017)
Wang, S., Zhou, J., Liu, J.K., et al.: An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(6), 1265–1277 (2016)
De, S.J., Ruj, S.: Efficient decentralized attribute based access control for mobile clouds. IEEE Trans. Cloud Comput. PP(99), 1 (2017)
Sun, G., Dong, Y., Li, Y.: CP-ABE based data access control for cloud storage. J. Commun. 32(7), 146–152 (2011)
Yang, G., Wang, D.-Y., Zhang, T., et al.: Attribute-based access control with multi-authority structure in cloud computing. J. Nanjing Univ. Posts Telecommun. (Nat. Sci.) 34(2), 1–9 (2014)
Goyal, V., Pandey, O., Sahai, A., et al.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)
Yan, X., Meng, H.: Ciphertext policy attribute-based encryption scheme supporting direct revocation. J. Commun. 37(5), 44–50 (2016)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society (2007)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Usenix Conference on Security, p. 34. USENIX Association (2011)
Zhang, R., Chen, P.S.: A dynamic cryptographic access control scheme in cloud storage services. J. Inf. Process. Manag. 4(1), 50–55 (2012)
Ohigashi, T., Nishimura, K., Aibara, R., et al.: Implementation and evaluation of secure outsourcing scheme for secret sharing scheme on cloud storage services. In: Computer Software and Applications Conference Workshops, pp. 78–83. IEEE (2014)
Hur, J.: Improving security and efficiency in attribute-based data sharing. IEEE Trans. Knowl. Data Eng. 25(10), 2271–2282 (2013)
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4
Acknowledgments
This research is supported by Education Information Research funded topic in Jiangsu Province (20172105), Nanjing University of Posts and Telecommunications Teaching Reform Project (JG06717JX66) and the special topic of Modern Educational Technology Research in Jiangsu province (2017-R-59518). The authors thank the sponsors for their support and the reviewers for helpful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, H., Peng, Y. (2018). A CP-ABE Access Control Scheme Based on Proxy Re-encryption in Cloud Storage. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11064. Springer, Cham. https://doi.org/10.1007/978-3-030-00009-7_38
Download citation
DOI: https://doi.org/10.1007/978-3-030-00009-7_38
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00008-0
Online ISBN: 978-3-030-00009-7
eBook Packages: Computer ScienceComputer Science (R0)