Skip to main content
SpringerLink
Log in

CEMAR: a fine grained access control with revocation mechanism for centralized multi-authority cloud storage

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Nowadays, many users outsource their data to a remote cloud server. Access control techniques are an indispensable tool to prevent unauthorized users from accessing the data stored in the remote server. Ciphertext-policy attribute-based encryption (CP-ABE) would be a promising tool to resolve the secure data sharing issues in cloud computing to facilitate the authorized users to access their data. Many of the CP-ABE-based existing works suffer from higher computational at the user end. We propose a scheme named centralized multi-authority cloud storage with revocation (CEMAR) to withstand challenging scenarios. In the proposed model, the decryption process is partly outsourced to the cloud server to reduce the computational burden at the user end without violating its security. Besides this, the required key is stored in the cloud server to improve the communication cost of the decryption process. Further, we used the Random-Oracle assumption to establish the soundness of the model under the chosen plain text attack and showed that CEMAR is secure.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Attrapadung N, Libert B, De Panafieu E (2011) Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: International workshop on public key cryptography. Springer, pp 90–108

  2. Babenko M, Chervyakov N, Tchernykh A, Kucherov N, Deryabin M, Radchenko G, Navaux PO, Svyatkin V (2018) Security analysis of homomorphic encryption scheme for cloud computing: Known-plaintext attack. In: 2018 IEEE conference of Russian, young researchers in electrical and electronic engineering (EIConRus). IEEE, pp 270–274

  3. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, 2007 SP’07. IEEE, pp 321–334

  4. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Annual International Cryptology Conference. Springer, pp 213–229

  5. Chase M (2007) Multi-authority attribute based encryption. In: Theory of cryptography conference. Springer, pp 515–534

  6. Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM, pp 121–130

  7. Chen Y, Song L, Yang G (2016) Attribute-based access control for multi-authority systems with constant size ciphertext in cloud computing. China Commun 13(2):146–162

    Google Scholar 

  8. Dhal K, Pattnaik PK, Rai SC (2016a) Critique of some fine-grained access control models in cloud computing environment. In: 2016 International Conference on Information Technology (ICIT). IEEE, pp 206–211

  9. Dhal K, Pattnaik PK, Rai SC (2016b) Efficient attribute revocation scheme for multi-authority attribute cloud storage system. In: 2016 International Conference on Information Technology (ICIT). IEEE, pp 200–205

  10. Dhal K, Pattnaik PK, Rai SC (2019a) Racc: an efficient and revocable fine grained access control model for cloud storage. Int J Knowl Based Intell Eng Syst 23(1):21–32

    Google Scholar 

  11. Dhal K, Rai SC, Pattnaik PK, Tripathy S (2019b) Keysed: an efficient keyword based search over encrypted data in cloud environment. In: 2019 International Conference on Data Science and Engineering (ICDSE). IEEE, pp 133–138

  12. Dhal K, Rai SC, Pattnaik PK (2020) Likc: a liberty of encryption and decryption through imploration from k-cloud servers. J King Saud Univ Comput Inf Sci

  13. Doshi N, Jinwala D (2011) Constant ciphertext length in multi-authority ciphertext policy attribute based encryption. In: 2011 2nd International Conference on Computer and Communication Technology (ICCCT). IEEE, pp 451–456

  14. Emura K, Miyaji A, Nomura A, Omote K, Soshi M (2009) A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: International Conference on Information Security Practice and Experience. Springer, pp 13–23

  15. Fan K, Liu M, Dong G, Shi W (2020) Enhancing cloud storage security against a new replay attack with an efficient public auditing scheme. J Supercomput 76(7):4857–4883

    Article  Google Scholar 

  16. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, pp 89–98

  17. Guo R, Li X, Zheng D, Zhang Y (2020) An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud. J Supercomput 76(7):4884–4903

    Article  Google Scholar 

  18. Hur J (2013) Improving security and efficiency in attribute-based data sharing. IEEE Trans Knowl Data Eng 25(10):2271–2282

    Article  Google Scholar 

  19. Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221

    Article  Google Scholar 

  20. Kocabas O, Soyata T (2015a) Towards privacy-preserving medical cloud computing using homomorphic encryption. In: Enabling Real-Time Mobile Cloud Computing Through Emerging Technologies. IGI Global, pp 213–246

  21. Kocabas O, Soyata T (2015b) Utilizing homomorphic encryption to implement secure and private medical cloud computing. In: 2015 IEEE 8th International Conference on Cloud Computing (CLOUD). IEEE, pp 540–547

  22. Lai J, Deng RH, Guan C, Weng J (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Security 8(8):1343–1354

    Article  Google Scholar 

  23. Lewko A, Waters B (2011) Decentralizing attribute-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 568–588

  24. Li X, Tang S, Xu L, Wang H, Chen J (2017) Two-factor data access control with efficient revocation for multi-authority cloud storage systems. IEEE Access 5:393–405

    Article  Google Scholar 

  25. Lindell Y, Katz J (2014) Introduction to modern cryptography. Chapman and Hall/CRC, London

    MATH  Google Scholar 

  26. Liu Z, Jiang ZL, Wang X, Yiu SM (2018) Practical attribute-based encryption. J Netw Comput Appl 108(C):112–123

    Article  Google Scholar 

  27. Nesterenko M, Patera J (2009) Quasicrystal models in cryptography. In: AIP Conference Proceedings, vol 1191. American Institute of Physics, pp 148–159

  28. Oppermann A, Grasso-Toro F, Yurchenko A, Seifert JP (2017) Secure cloud computing: communication protocol for multithreaded fully homomorphic encryption for remote data processing. In: 2017 IEEE International Symposium on Parallel and Distributed Processing with Applications and 2017 IEEE International Conference on Ubiquitous Computing and Communications (ISPA/IUCC). IEEE, pp 503–510

  29. Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM, pp 195–203

  30. Qin B, Deng RH, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Trans Inf Forensic Secur 10(7):1384–1393

    Article  Google Scholar 

  31. Ruj S, Nayak A, Stojmenovic I (2011) Dacc: Distributed access control in clouds. In: 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, pp 91–98

  32. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, pp 457–473

  33. Tebaa M, El Hajji S, El Ghazi A (2012) Homomorphic encryption applied to the cloud computing security. Proc World Congress Eng 1:4–6

    Google Scholar 

  34. Wu X, Jiang R, Bhargava B (2017) On the security of data access control for multiauthority cloud storage systems. IEEE Trans Serv Comput 10(2):258–272

    Article  Google Scholar 

  35. Yang K, Jia X (2012) Attributed-based access control for multi-authority systems in cloud storage. In: 2012 IEEE 32nd International Conference on Distributed Computing Systems (ICDCS). IEEE, pp 536–545

  36. Yang K, Jia X (2014a) Dac-macs: Effective data access control for multi-authority cloud storage systems. In: Security for cloud storage systems. Springer, pp 59–83

  37. Yang K, Jia X (2014b) Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans Parallel Distrib Syst 25(7):1735–1744

    Article  Google Scholar 

  38. Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. ACM, pp 261–270

  39. Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42–61

    Article  Google Scholar 

  40. Zuo C, Shao J, Wei G, Xie M, Ji M (2018) CCA-secure ABE with outsourced decryption for fog computing. Future Gen Comput Syst 78:730–738

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of CSE, Silicon Institute of Technology, Bhubaneswar, Odisha, India

    K. Dhal & S. C. Rai

  2. School of Computer Engineering, KIIT University, Bhubaneswar, Odisha, India

    P. K. Pattnaik

  3. Department of CSE, Indian Institute of Technology, Patna, Bhita, Bihar, India

    S. Tripathy

Authors
  1. K. Dhal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. C. Rai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. P. K. Pattnaik
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. S. Tripathy
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to K. Dhal.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Dhal, K., Rai, S.C., Pattnaik, P.K. et al. CEMAR: a fine grained access control with revocation mechanism for centralized multi-authority cloud storage. J Supercomput 78, 987–1009 (2022). https://doi.org/10.1007/s11227-021-03908-z

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-021-03908-z

Keywords

Search

Navigation