Multi-authority Decentralized Attribute-Based Authorization Framework

Sok, Kimheng; Colin, Jean Noël; Po, Kimtho

doi:10.1007/978-3-031-07478-3_2

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 451))

Included in the following conference series:

International Conference on Advanced Information Systems Engineering

402 Accesses

Abstract

The advancement in collaborative work among multiple institutions results in tremendous data sharing and, at the same time raises concerns about data security and privacy. Current systems are mostly built upon a centralized model, so the system requires one authority to concede another authority or mitigate trust to a trusted third party.

In this paper, we propose a multi-authority decentralized attribute-based authorization framework illustrated in an eHealth scenario that provides resilience and transparency, enforces data privacy, and allows each authority to enforce their access policy on the shared data. The framework operates on Blockchain technology and multi-authority attribute-based encryption. Our framework protects against malicious single authority who aims to grant permission to users to the shared data. Moreover, we optimize the user key structure that could reduce the key size of the key set by a factor of up to n! where n is the number of attributes in the user key to eliminate brute-force attacks. We implement the framework, show the system performance, and prove the efficiency of our proposed framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 44.99; Price excludes VAT (USA)

Softcover Book: USD 59.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Health Insurance Portability and Accoutnability Act HIPAA. https://www.hhs.gov/hipaa/index.html. Accessed 7 Sept 2021
General Data Protection Regulation. https://www.gdpr.eu. Accessed 7 Sept 2021
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
Google Scholar
Szabo, N.: The idea of smart contracts (1994)
Google Scholar
Adam, S., Sara, R., Luke, B.: MediChain: a secure decentralized medical data asset management system. IEEE (2018). https://doi.org/10.1109/Cybermatics_2018.2018.00258
Mark, N., Chien-Chung, S., Hao, G., Wanxin, L.: Access control for electronic health records with hybrid blockchain edge architecture. IEEE (2019)
Google Scholar
Hyperledger homepage. https://hyperledger.org. Accessed 7 Sept 2021
Aura, R., Damiano, P.M.: Blockchain based access control service. IEEE (2018). https://doi.org/10.1109/Cybermatics_2018.2018.00237
Chien-Chung, S., Hao, G., Ehsan, M.: Multi-authority attribute-based access control with smart contract. In: ICBCT (2019). https://doi.org/10.1145/3320154.3320164
Ethereum homepage. https://ethereum.org. Accessed 7 Sept 2021
Zhang, Y., Zheng, D., Chen, X., Li, J., Li, H.: Computationally efficient ciphertext-policy attribute-based encryption with constant-size ciphertexts. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 259–273. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12475-9_18
Chapter Google Scholar
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Chapter Google Scholar
Waters, B., Sahai, A.: Attribute based encryption for fine-grained access control of encrypted data. ACM (2006)
Google Scholar
Bethencourt, J., Sabai, A., Waters, B.: Ciphertext-policy attribute-based encryption. IEEE (2007)
Google Scholar
Water, B., Rouselakis, Y.: Efficient statically-secure large-universe multi-authority attribute-based encryption, pp. 315–332 (2015)
Google Scholar
Sok, K., Colin, J.N., Po, K.: Blockchain and internet of things opportunity and challenges, pp. 150–154. ACM (2018). https://doi.org/10.1145/3287921.3287933
Colin, J.N., Laurent, E.: A flexible and centralized approach for access control in heterogeneous IoT environment (2019). https://doi.org/10.4018/IJHIoT.2019010102

Download references

Author information

Authors and Affiliations

NaDI Research Institute, University of Namur, Namur, Belgium
Kimheng Sok & Jean Noël Colin
Institute of Technology of Cambodia, Phnom Penh, Cambodia
Kimtho Po

Authors

Kimheng Sok
View author publications
You can also search for this author in PubMed Google Scholar
Jean Noël Colin
View author publications
You can also search for this author in PubMed Google Scholar
Kimtho Po
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kimheng Sok .

Editor information

Editors and Affiliations

Chalmers | University of Gothenburg, Gothenburg, Sweden
Jennifer Horkoff
KU Leuven, Brussels, Belgium
Estefania Serral
Stockholm University, Stockholm, Sweden
Jelena Zdravkovic

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sok, K., Colin, J.N., Po, K. (2022). Multi-authority Decentralized Attribute-Based Authorization Framework. In: Horkoff, J., Serral, E., Zdravkovic, J. (eds) Advanced Information Systems Engineering Workshops. CAiSE 2022. Lecture Notes in Business Information Processing, vol 451. Springer, Cham. https://doi.org/10.1007/978-3-031-07478-3_2

Download citation

DOI: https://doi.org/10.1007/978-3-031-07478-3_2
Published: 25 May 2022
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-07477-6
Online ISBN: 978-3-031-07478-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics