Sage Journals: Discover world-class research

Abstract

Cloud data access control is a very important issue especially when data are outsourced into a third-party cloud server. Recently, some researchers are working to enhance the trust level of cloud users by developing the secured access control to store the data into a third-party server. CP-ABE (Ciphertext-Policy Attribute-Based Encryption) is a very fruitful technology for such situation providing a capability of encrypted data access control. The existing mechanisms for outsourced data access control are mostly centralized, where a single key distribution center works as attribute authority and generates attributes along with corresponding keys for all users. In some cases, multiple key distribution centers used to generate user attributes along with user secret keys to make the system decentralized. However, all such mechanisms are based on small universe CP-ABE, where attribute set need to define in the initial setup phase and therefore public parameters and ciphertext size are increased linearly with attribute numbers in the system. As the attribute numbers in an access control system in the cloud should not be defined initially or if new attribute required to add time to time in the system and the existing attribute may be required to revoke form the system, then small universe enabled CP-ABE is not scalable and efficient compared to large universe system. In a large universe system, initially the size of parameters is large but it makes the size of ciphertext short in the system. In the paper, we proposed an access control scheme using large universe CP-ABE with user revocation and to make more efficient using decryption computation outsourcing into the cloud. The proposed system helps efficiently decrypt the data using a lightweight device. We have analyzed the security, scalability, and performance of our proposed scheme with existing approaches with respect to communication and computation cost.

Keywords

Access control cloud computing data outsourcing collision resistance forward security backward security attribute revocation

Get full access to this article

View all access options for this article.

References

Debnath

and Bhuyan

, Efficient and scalable outsourced data access control with user revocation in the cloud: A comprehensive study, Multiagent and Grid Systems 14(14) (2018), 383–401.

Sahai

and Waters

, Fuzzy identity-based encryption, in: Annual International Conference on the Theory and Applications of Cryptographic Techniques, Springer, 2005, pp. 457–473.

Goyal

Pandey

Sahai

and Waters

, Attribute-based encryption for fine-grained access control of encrypted data, in: Proceedings of the 13th ACM Conference on Computer and Communications Security, ACM, 2006, pp. 89–98.

Cheung

and Newport

, Provably secure ciphertext policy abe, in: Proceedings of the 14th ACM Conference on Computer and Communications Security, ACM, 2007, pp. 456–465.

Ning

Cao

Dong

Wei

and Lin

, Large universe ciphertext-policy attribute-based encryption with white-box traceability, in: European Symposium on Research in Computer Security, Springer, 2014, pp. 55–72.

Waters

, Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization, in: International Workshop on Public Key Cryptography, Springer, 2011, pp. 53–70.

Melissa

, Multi-authority attribute based encryption, in: Theory of Cryptography Conference, Springer, 2007, pp. 515–534.

Xiong

and Liu

, Large universe decentralized key policy attribute based encryption, Security and Communication Networks 8(3) (2015), 501–509.

Green

Hohenberger

and Waters

, Outsourcing the decryption of ABE ciphertexts, In USENIX Security Symposium 2011(3) (2011, August).

10.

Lewko

Okamoto

Sahai

Takashima

and Waters

, Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption, in: Annual International Conference on the Theory and Applications of Cryptographic Techniques, Springer, 2010, pp. 62–91.

11.

Rouselakis

and Waters

, Efficient statically-secure large-universe multi-authority attribute-based encryption, in: International Conference on Financial Cryptography and Data Security, Springer, 2015, pp. 315–332.

12.

Nie

and Li

, Large universe attribute based access control with efficient decryption in cloud storage system, Journal of Systems and Software 135 (2018), 157–164.

13.

Liu

and Wong

D.S.

, Practical attribute-based encryption: traitor tracing, revocation and large universe, The Computer Journal 59(7) (2016), 983–1004.

14.

Yang

Jia

Ren

Zhang

and Xie

, Dac-macs: Effective data access control for multiauthority cloud storage systems, IEEE Transactions on Information Forensics and Security 8(11) (2013), 1790–1801.

15.

Debnath

Sahana

S.C.

and Bhuyan

, A distributed fine-grained access control mechanism for cloud data outsourcing, Science & Technology Journal 3(2) (2015), 78–85.

16.

Liu

Xiong

and Chen

, Secure, efficient and revocable multi-authority access control system in cloud storage, Computers & Security 59 (2016), 45–59.

17.

Yang

Jia

and Ren

, Secure and verifiable policy update outsourcing for big data access control in the cloud, IEEE Trans. Parallel Distrib. Syst. 26(12) (2015), 3461–3470.

18.

Fan

Wang

and Yang

, A secure and verifiable outsourced access control scheme in fog-cloud computing, Sensors 17(7) (2017), 1695.

19.

Huang

Yang

and Wang

, Secure data access control with ciphertext update and computation outsourcing in fog computing for internet of things, IEEE Access 5 (2017), 12941–12950.

20.

Zhang

Chen

Liu

J.K.

Liang

and Liu

, An efficient access control scheme with outsourcing capability and attribute update for fog computing, Future Generation Computer Systems 78 (2018), 753–762.

21.

Zuo

Shao

Wei

Xie

and Ji

, Cca-secure abe with outsourced decryption for fog computing, Future Generation Computer Systems 78 (2018), 730–738.

22.

Debnath

and Bhuyan

, An Expressive Access Control Mechanism with user Revocation for Cloud Data Outsourcing, in: Proceedings of the International Conference on Electrical, Electronics, Computers, Communication & Computing, IEEE, Vol. 3, 2018, pp. 250–256.

23.

Akinyele

J.A.

Garman

Miers

Pagano

M.W.

Rushanan

Green

and Rubin

A.D.

, Charm: a framework for rapidly prototyping cryptosystems, Journal of Cryptographic Engineering 3(2) (2013), 111–128.

Large universe attribute based encryption enabled secured data access control for cloud storage with computation outsourcing

Abstract

Keywords

Get full access to this article

References