Abstract
Cloud storage allows owners to host their data in the cloud and provides users with online access anywhere and anytime. With CP-ABE, data owners can specify access policies autonomously, which enables fine-grained access control. However, some important problems have not yet been effectively solved: 1) low efficiency of attribute revocation; 2) high computational cost of encryption and decryption. Even where direct revocation has been proposed for a user’s attributes, all ciphertexts with revoked attributes have to be re-encrypted. In this paper, we propose an access control scheme that uses a version key to realize efficient direct cloud-aided attribute revocation without updating other users’ keys or re-encrypting ciphertexts. Revoking a user’s attributes only requires updating the user’s own private key and version key stored in a cloud server, and most of the decryption work is transferred to the cloud. Moreover, we compare our scheme with two other schemes (DAC-MACS and HUR). The comparison shows a good trade-off between computation cost and storage overhead. Our simulation indicates that our scheme spends less time on a user’s attribute revocation.
References
Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011)
Hohenberger, S., Waters, B.: Attribute-based encryption with fast decryption. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 162–179. Springer, Heidelberg (2013)
Yang, K., Jia, X., Ren, K., et al.: DAC-MACS: Effective data access control for multi-authority cloud storage systems. In: 32nd IEEE INFOCOM, pp. 2895–2903 (2013)
Yang, K., Jia, X.: DAC-MACS: Effective Data Access Control for Multi-Authority Cloud Storage Systems. In: Brauer, W. (ed.) GI 1973. LNCS, vol. 1, pp. 59–83. Springer, Heidelberg (1973)
Yang, K., Jia, X.: Attributed-based access control for multi-authority systems in cloud storage. In: 32nd IEEE International Conference on Distributed Computing Systems (ICDCS), pp. 536–545 (2012)
Bobba, R., Khurana, H., Prabhakaran, M.: Attribute-sets: A practically motivated enhancement to attribute-based encryption. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 587–604. Springer, Heidelberg (2009)
Wan, Z., Liu, J., Deng, R.H.: HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. J. IEEE Transactions on Information Forensics and Security 12(7), 743–754 (2012)
Wan, Z., Liu, J., Zhang, R., et al.: A Collusion-Resistant Conditional Access System for Flexible-Pay-Per-Channel Pay-TV Broadcasting. J. IEEE Transactions on Multimedia 15(6), 1353–1364 (2013)
Ruj, S., Nayak, A., Stojmenovic, I.: DACC: Distributed access control in clouds. In: 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 91–98 (2011)
Zhu, Y., Hu, H., Ahn, G.J., et al.: Towards temporal access control in cloud computing. In: 31st IEEE INFOCOM, pp. 2576–2580 (2012)
Li, J., Huang, Q., Chen, X., et al.: Multi-authority ciphertext-policy attribute-based encryption with accountability. In: 6th ACM Symposium on Information, Computer and Communications Security, pp. 386–390 (2011)
Hur, J., Kang, K.: Secure Data Retrieval for Decentralized Disruption-Tolerant Military Networks. J. IEEE/ACM Transactions on Networking 22(1), 16–26 (2014)
Li, M., Yu, S., Zheng, Y., et al.: Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. J. IEEE Transactions on Parallel and Distributed Systems 24(1), 131–143 (2013)
Wu, Y., Wei, Z., Deng, R.H.: Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks. J. IEEE Transactions on Multimedia 15(4), 778–788 (2013)
Müller, S., Katzenbeisser, S.: Hiding the policy in cryptographic access control. In: Meadows, C., Fernandez-Gago, C. (eds.) STM 2011. LNCS, vol. 7170, pp. 90–105. Springer, Heidelberg (2012)
Attrapadung, N., Imai, H.: Attribute-Based Encryption Supporting Direct/Indirect Revocation Modes. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 278–300. Springer, Heidelberg (2009)
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Shi, J., Huang, C., Wang, J., He, K., Wang, J. (2014). An Access Control Scheme with Direct Cloud-Aided Attribute Revocation Using Version Key. In: Sun, Xh., et al. Algorithms and Architectures for Parallel Processing. ICA3PP 2014. Lecture Notes in Computer Science, vol 8630. Springer, Cham. https://doi.org/10.1007/978-3-319-11197-1_33
DOI: https://doi.org/10.1007/978-3-319-11197-1_33
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11196-4
Online ISBN: 978-3-319-11197-1
eBook Packages: Computer Science (R0)