Abstract
Cloud storage allows owners to host their data in the cloud, and provides users with online access anywhere and anytime. With CP-ABE, data owners are allowed to specify policy autonomously, which can realize fine-grained access control. However, some important problems have not been yet effectively solved: 1) Low efficiency for attribute revocation. 2) High computational cost on encryption and decryption. Even if direct revocation has been proposed for a user’s attributes, all ciphertexts with revoked attributes have to be re-encrypted. In this paper, we propose an access control scheme using version key to realize efficient direct cloud-aided attribute revocation without updating other user’s key or re-encrypting ciphertexts. Revocation of a user’s attributes just needs to update his own private key and version key stored in a cloud server, and most of decrypting work is transferred to the cloud. Moreover, we compare our scheme with two other schemes (DAC-MACS and HUR). The comparison shows a good trade-off between computation cost and storage overhead. Our simulation indicates that our scheme spends less time on a user’s attribute revocation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)
Hohenberger, S., Waters, B.: Attribute-based encryption with fast decryption. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 162–179. Springer, Heidelberg (2013)
Yang, K., Jia, X., Ren, K., et al.: Dac-macs: Effective data access control for multi-authority cloud storage systems. In: 32th IEEE INFOCOM, pp. 2895–2903 (2013)
Yang, K., Jia, X.: DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems. In: Brauer, W. (ed.) GI 1973. LNCS, vol. 1, pp. 59–83. Springer, Heidelberg (1973)
Yang, K., Jia, X.: Attributed-based access control for multi-authority systems in cloud storage. In: 32th IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 536–545 (2012)
Bobba, R., Khurana, H., Prabhakaran, M.: Attribute-sets: A practically motivated enhancement to attribute-based encryption. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 587–604. Springer, Heidelberg (2009)
Wan, Z., Liu, J., Deng, R.H.: HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. J. IEEE Transactions on Information Forensics and Security 12(7), 743–754 (2012)
Wan, Z., Liu, J., Zhang, R., et al.: A Collusion-Resistant Conditional Access System for Flexible-Pay-Per-Channel Pay-TV Broadcasting. J. IEEE Transactions on Multimedia 15(6), 1353–1364 (2013)
Ruj, S., Nayak, A., Stojmenovic, I.: DACC: Distributed access control in clouds. In: 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 91–98 (2011)
Zhu, Y., Hu, H., Ahn, G.J., et al.: Towards temporal access control in cloud computing. In: 31th IEEE INFOCOM, pp. 2576–2580 (2012)
Li, J., Huang, Q., Chen, X., et al.: Multi-authority ciphertext-policy attribute-based encryption with accountability. In: 6th ACM Symposium on Information, Computer and Communications Security, pp. 386–390 (2011)
Hur, J., Kang, K.: Secure Data Retrieval for Decentralized Disruption-Tolerant Military Networks. J. IEEE/ACM Transactions on Networking 22(1), 16–26 (2014)
Li, M., Yu, S., Zheng, Y., et al.: Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. J. IEEE Transactions on Parallel and Distributed Systems. 24(1), 131–143 (2013)
Wu, Y., Wei, Z., Deng, R.H.: Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks. J. IEEE Transactions on Multimedia. 15(4), 778–788 (2013)
Müller, S., Katzenbeisser, S.: Hiding the policy in cryptographic access control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 90–105. Springer, Heidelberg (2012)
Attrapadung, N., Imai, H.: Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Shi, J., Huang, C., Wang, J., He, K., Wang, J. (2014). An Access Control Scheme with Direct Cloud-Aided Attribute Revocation Using Version Key. In: Sun, Xh., et al. Algorithms and Architectures for Parallel Processing. ICA3PP 2014. Lecture Notes in Computer Science, vol 8630. Springer, Cham. https://doi.org/10.1007/978-3-319-11197-1_33
Download citation
DOI: https://doi.org/10.1007/978-3-319-11197-1_33
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11196-4
Online ISBN: 978-3-319-11197-1
eBook Packages: Computer ScienceComputer Science (R0)