Abstract
To manage dynamic access control and deter pirate attacks on outsourced databases, a dynamic access control scheme with tracing is proposed. In our scheme, we introduce the traitor tracing idea into outsourced databases, and employ a polynomial function and a filter function as the basic means of constructing the encryption and decryption procedures, reducing computation, communication, and storage overheads. Compared to previous access control schemes for outsourced databases, our scheme not only protects sensitive data from leaking and performs scalable encryption at the server side without shipping the outsourced data back to the data owner when group membership changes, but also provides trace-and-revoke features. When malicious users clone and sell their decryption keys for profit, our scheme can trace the decryption keys to the malicious users and revoke them. Furthermore, our scheme avoids massive message exchanges for establishing the decryption key between the data owner and the user. Compared to previously proposed public-key traitor tracing schemes, our scheme can simultaneously achieve full collusion resistance, full recoverability, full revocation, and black-box traceability. The proof of security and the performance analysis show that our scheme is secure and efficient.
Author information
Additional information
Xiaoming Wang received her PhD in mathematics from Nankai University, China and is currently a professor of the Department of Computer Science at Jinan University, China. Her current research interests include cryptography and information security.
Guoxiang Yao is currently a professor and PhD supervisor of the College of Information Science and Technology at Jinan University, China. His main research fields are network security and cloud computing security.
About this article
Cite this article
Wang, X., Yao, G. Access control scheme with tracing for outsourced databases. Front. Comput. Sci. 6, 677–685 (2012). https://doi.org/10.1007/s11704-012-1193-0
DOI: https://doi.org/10.1007/s11704-012-1193-0