Abstract
For mobile applications, mobile cloud computing (MCC) presents a revolutionary paradigm that allows mobile users to compute and store data on resource-rich cloud servers. However, this poses some problems for fine-grained access control, secure data storage, and user anonymity. Attribute-based encryption (ABE) provides a fine-grained access control policy over encrypted data and is therefore applicable to providing authorized data privacy in cloud storage. Nevertheless, in ABE, the attributes assigned to a user are static, which presents the main problem. Therefore, it is advised to use the location as part of the encryption scheme. When a user's attributes change, ABE that supports attribute revocation is required to change the user's access privileges in a timely and efficient manner. In this paper, we propose a multi-authority attribute-based access control system that provides user anonymity, protects users' identities from malicious authorities, and supports the coexistence of authorities. Our scheme uses location range constraints as policy with ABE, so that users whose dynamic location and time satisfy these access policies are authorized. The Scyther tool is used to verify the security and analyze the correctness of the proposal, followed by experiments to demonstrate its effectiveness. Our evaluation, in terms of computation time, is based on a Java realization of the CP-ABE (ciphertext-policy ABE) toolkit, which uses the JPBC (Java pairing-based cryptography) library.
Data availability
Not applicable.
Code availability
Not applicable.
Funding
Not applicable.
Author information
Contributions
Not applicable
Ethics declarations
Conflict of interest
Not applicable.
Ethics approval
Not applicable.
Consent to participate
Not applicable.
Consent for publication
Not applicable.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Merdassi, I., Ghazel, C. & Saidane, L. A new LTMA-ABE location and time access security control scheme for mobile cloud. J Supercomput 79, 12074–12105 (2023). https://doi.org/10.1007/s11227-023-05107-4
DOI: https://doi.org/10.1007/s11227-023-05107-4