Abstract
Nowadays, many users outsource their data to a remote cloud server. Access control techniques are an indispensable tool to prevent unauthorized users from accessing the data stored in the remote server. Ciphertext-policy attribute-based encryption (CP-ABE) would be a promising tool to resolve the secure data sharing issues in cloud computing to facilitate the authorized users to access their data. Many of the CP-ABE-based existing works suffer from higher computational at the user end. We propose a scheme named centralized multi-authority cloud storage with revocation (CEMAR) to withstand challenging scenarios. In the proposed model, the decryption process is partly outsourced to the cloud server to reduce the computational burden at the user end without violating its security. Besides this, the required key is stored in the cloud server to improve the communication cost of the decryption process. Further, we used the Random-Oracle assumption to establish the soundness of the model under the chosen plain text attack and showed that CEMAR is secure.
Similar content being viewed by others
References
Attrapadung N, Libert B, De Panafieu E (2011) Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: International workshop on public key cryptography. Springer, pp 90–108
Babenko M, Chervyakov N, Tchernykh A, Kucherov N, Deryabin M, Radchenko G, Navaux PO, Svyatkin V (2018) Security analysis of homomorphic encryption scheme for cloud computing: Known-plaintext attack. In: 2018 IEEE conference of Russian, young researchers in electrical and electronic engineering (EIConRus). IEEE, pp 270–274
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, 2007 SP’07. IEEE, pp 321–334
Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Annual International Cryptology Conference. Springer, pp 213–229
Chase M (2007) Multi-authority attribute based encryption. In: Theory of cryptography conference. Springer, pp 515–534
Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM, pp 121–130
Chen Y, Song L, Yang G (2016) Attribute-based access control for multi-authority systems with constant size ciphertext in cloud computing. China Commun 13(2):146–162
Dhal K, Pattnaik PK, Rai SC (2016a) Critique of some fine-grained access control models in cloud computing environment. In: 2016 International Conference on Information Technology (ICIT). IEEE, pp 206–211
Dhal K, Pattnaik PK, Rai SC (2016b) Efficient attribute revocation scheme for multi-authority attribute cloud storage system. In: 2016 International Conference on Information Technology (ICIT). IEEE, pp 200–205
Dhal K, Pattnaik PK, Rai SC (2019a) Racc: an efficient and revocable fine grained access control model for cloud storage. Int J Knowl Based Intell Eng Syst 23(1):21–32
Dhal K, Rai SC, Pattnaik PK, Tripathy S (2019b) Keysed: an efficient keyword based search over encrypted data in cloud environment. In: 2019 International Conference on Data Science and Engineering (ICDSE). IEEE, pp 133–138
Dhal K, Rai SC, Pattnaik PK (2020) Likc: a liberty of encryption and decryption through imploration from k-cloud servers. J King Saud Univ Comput Inf Sci
Doshi N, Jinwala D (2011) Constant ciphertext length in multi-authority ciphertext policy attribute based encryption. In: 2011 2nd International Conference on Computer and Communication Technology (ICCCT). IEEE, pp 451–456
Emura K, Miyaji A, Nomura A, Omote K, Soshi M (2009) A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: International Conference on Information Security Practice and Experience. Springer, pp 13–23
Fan K, Liu M, Dong G, Shi W (2020) Enhancing cloud storage security against a new replay attack with an efficient public auditing scheme. J Supercomput 76(7):4857–4883
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, pp 89–98
Guo R, Li X, Zheng D, Zhang Y (2020) An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud. J Supercomput 76(7):4884–4903
Hur J (2013) Improving security and efficiency in attribute-based data sharing. IEEE Trans Knowl Data Eng 25(10):2271–2282
Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221
Kocabas O, Soyata T (2015a) Towards privacy-preserving medical cloud computing using homomorphic encryption. In: Enabling Real-Time Mobile Cloud Computing Through Emerging Technologies. IGI Global, pp 213–246
Kocabas O, Soyata T (2015b) Utilizing homomorphic encryption to implement secure and private medical cloud computing. In: 2015 IEEE 8th International Conference on Cloud Computing (CLOUD). IEEE, pp 540–547
Lai J, Deng RH, Guan C, Weng J (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Security 8(8):1343–1354
Lewko A, Waters B (2011) Decentralizing attribute-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 568–588
Li X, Tang S, Xu L, Wang H, Chen J (2017) Two-factor data access control with efficient revocation for multi-authority cloud storage systems. IEEE Access 5:393–405
Lindell Y, Katz J (2014) Introduction to modern cryptography. Chapman and Hall/CRC, London
Liu Z, Jiang ZL, Wang X, Yiu SM (2018) Practical attribute-based encryption. J Netw Comput Appl 108(C):112–123
Nesterenko M, Patera J (2009) Quasicrystal models in cryptography. In: AIP Conference Proceedings, vol 1191. American Institute of Physics, pp 148–159
Oppermann A, Grasso-Toro F, Yurchenko A, Seifert JP (2017) Secure cloud computing: communication protocol for multithreaded fully homomorphic encryption for remote data processing. In: 2017 IEEE International Symposium on Parallel and Distributed Processing with Applications and 2017 IEEE International Conference on Ubiquitous Computing and Communications (ISPA/IUCC). IEEE, pp 503–510
Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM, pp 195–203
Qin B, Deng RH, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Trans Inf Forensic Secur 10(7):1384–1393
Ruj S, Nayak A, Stojmenovic I (2011) Dacc: Distributed access control in clouds. In: 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, pp 91–98
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 457–473
Tebaa M, El Hajji S, El Ghazi A (2012) Homomorphic encryption applied to the cloud computing security. Proc World Congress Eng 1:4–6
Wu X, Jiang R, Bhargava B (2017) On the security of data access control for multiauthority cloud storage systems. IEEE Trans Serv Comput 10(2):258–272
Yang K, Jia X (2012) Attributed-based access control for multi-authority systems in cloud storage. In: 2012 IEEE 32nd International Conference on Distributed Computing Systems (ICDCS). IEEE, pp 536–545
Yang K, Jia X (2014a) Dac-macs: Effective data access control for multi-authority cloud storage systems. In: Security for cloud storage systems. Springer, pp 59–83
Yang K, Jia X (2014b) Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans Parallel Distrib Syst 25(7):1735–1744
Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. ACM, pp 261–270
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61
Zuo C, Shao J, Wei G, Xie M, Ji M (2018) CCA-secure ABE with outsourced decryption for fog computing. Future Gen Comput Syst 78:730–738
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Dhal, K., Rai, S.C., Pattnaik, P.K. et al. CEMAR: a fine grained access control with revocation mechanism for centralized multi-authority cloud storage. J Supercomput 78, 987–1009 (2022). https://doi.org/10.1007/s11227-021-03908-z
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-021-03908-z