Self-contained Data Protection Scheme Based on CP-ABE

  • Conference paper
E-Business and Telecommunications (ICETE 2013)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 456)

Abstract

Self-protection capabilities of outsourced data are becoming notably important in cloud computing. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can dynamically control the group of users able to decrypt the data by defining decryption attributes, and hence provides a degree of access control. Although there are different CP-ABE schemes, as far as we know most of them can only express simple policies with AND, OR and threshold attribute operations, which cannot support traditional access control policies. In order to effectively integrate access control with encryption and build a self-contained data protection mechanism, this paper proposes an Extended CP-ABE (ECP-ABE) scheme based on the existing CP-ABE scheme. The ECP-ABE scheme can express any Attribute-Based Access Control (ABAC) policy represented by arithmetic comparison and logical expressions that involve the \(NOT,<,\le ,>,\ge , [\ ], (\ ), (\ ]\) and \([\ )\) operators in addition to the AND, OR and threshold operators. We prove the Chosen-Plaintext Attack (CPA) security of our scheme under the Decisional Bilinear Diffie-Hellman (DBDH) assumption in the standard model, and also discuss experimental results on the efficiency of ECP-ABE.


Acknowledgments

This work was supported by the National Natural Science Foundation of China (Grant No. 61170088) and the Foundation of the State Key Laboratory of Software Development Environment (Grant No. SKLSDE-2013ZX-05).

Author information

Corresponding author

Correspondence to Bo Lang.

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lang, B., Xu, R., Duan, Y. (2014). Self-contained Data Protection Scheme Based on CP-ABE. In: Obaidat, M., Filipe, J. (eds) E-Business and Telecommunications. ICETE 2013. Communications in Computer and Information Science, vol 456. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44788-8_18

  • DOI: https://doi.org/10.1007/978-3-662-44788-8_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-44787-1

  • Online ISBN: 978-3-662-44788-8

  • eBook Packages: Computer Science, Computer Science (R0)
