Abstract
CP-ABE (Cipher-text Policy Attribute Based Encryption) can help providing reliable, fine-grained access control in untrusted cloud storage environment, since users can access to data files only if their attributes satisfy the access policies associated with the files. However, CP-ABE has two main drawbacks: its policies are not expressed using standard languages and it can’t support non-monotonic policies. So we extended CP-ABE to support XACML (eXtensible Access Control Markup Language) based policy transformation and to support logical NOT in policies through De Morgan’s Laws. And then we applied it to a secure overlay cloud storage system called FADE to deploy access control for Amazon S3 cloud storage service. The simulation results show that our proposal is practical and time efficient.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE symposium on security and privacy ieee computer society, pp 321–334
eXtensible Access Control Markup Language (XACML) Version 3.0 (2013). http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html
CPABE toolkit (2011). http://hms.isi.jhu.edu/acsc/cpabe/
Tang Y, Lee PPC, Lui JCS, Perlman R (2012) Secure overlay cloud storage with access control and assured deletion. IEEE Trans Dependable Sec Comput 9(6):903–916
FADE - Secure Overlay Cloud Storage with File Assured Deletion (2011). http://ansrlab.cse.cuhk.edu.hk/software/fade/
The XML C parser and toolkit of Gnome libxml (2015). http://xmlsoft.org/
De Morgan’s laws (2015). http://en.wikipedia.org/wiki/De_Morgans_laws
Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613
Shamir’s Secret Sharing Scheme (2013). http://point-at-infinity.org/ssss/
Blind signature (2014). http://en.wikipedia.org/wiki/Blind_signature
Acknowledgments
This work is supported by the Key Project of National Defense Basic Research Program of China under Grant No. B1120132031, and by the Opening Project of Key Lab of Information Network Security of Ministry of Public Security (The Third Research Institute of Ministry of Public Security) of China under Grant No.C10604.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing Switzerland
About this paper
Cite this paper
Wang, Y., Wei, L., Tong, X., Zhao, X., Li, M. (2017). CP-ABE Based Access Control for Cloud Storage. In: Balas, V., Jain, L., Zhao, X. (eds) Information Technology and Intelligent Transportation Systems. Advances in Intelligent Systems and Computing, vol 455. Springer, Cham. https://doi.org/10.1007/978-3-319-38771-0_45
Download citation
DOI: https://doi.org/10.1007/978-3-319-38771-0_45
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-38769-7
Online ISBN: 978-3-319-38771-0
eBook Packages: EngineeringEngineering (R0)