Accountable privacy preserving attribute based framework for authenticated encrypted access in clouds

Abstract In this paper, we propose an accountable privacy preserving attribute-based framework, called Ins-PAbAC , that combines attribute based encryption and attribute based signature techniques for securely sharing outsourced data contents via public cloud servers. The proposed framework presents several advantages. First, it provides an encrypted access control feature, enforced at the data owner’s side, while providing the desired expressiveness of access control policies. Second, Ins-PAbAC preserves users’ privacy, relying on an anonymous authentication mechanism, derived from a privacy preserving attribute based signature scheme that hides the users’ identifying information. Furthermore, our proposal introduces an accountable attribute based signature that enables an inspection authority to reveal the identity of the anonymously-authenticated user if needed. Third, Ins-PAbAC is provably secure, as it is resistant to both curious cloud providers and malicious users adversaries. Finally, experimental results, built upon OpenStack Swift testbed, point out the applicability of the proposed scheme in real world scenarios.

[1]  Mohamed Mohamed,et al.  Coop-DAAB: Cooperative Attribute Based Data Aggregation for Internet of Things Applications , 2018, OTM Conferences.

[2]  Wenfen Liu,et al.  Secure and Efficient Attribute-Based Access Control for Multiauthority Cloud Storage , 2018, IEEE Systems Journal.

[3]  Joaquín García,et al.  PCS , A Privacy-Preserving Certification Scheme , 2017, DPM/CBT@ESORICS.

[4]  Ratna Dutta,et al.  Efficient attribute-based signature and signcryption realizing expressive access structures , 2015, International Journal of Information Security.

[5]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[6]  F. Richard Yu,et al.  Securing Outsourced Data in the Multi-Authority Cloud with Fine-Grained Access Control and Efficient Attribute Revocation , 2017, Comput. J..

[7]  Yixian Yang,et al.  Secure and efficient data collaboration with hierarchical attribute-based encryption in cloud computing , 2017, Future Gener. Comput. Syst..

[8]  Feng Lin,et al.  Efficient decentralized multi-authority attribute based encryption for mobile cloud data storage , 2019, J. Netw. Comput. Appl..

[9]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[10]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[11]  Giovanni Russello,et al.  PU-ABE: Lightweight Attribute-Based Encryption Supporting Access Policy Update for Cloud Assisted IoT , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[12]  Jing Ma,et al.  Data security and privacy information challenges in cloud computing , 2018, Int. J. Comput. Sci. Eng..

[13]  Xu An Wang,et al.  Controlled secure social cloud data sharing based on a novel identity based proxy re-encryption plus scheme , 2019, J. Parallel Distributed Comput..

[14]  Nesrine Kaaniche,et al.  Attribute-Based Signatures for Supporting Anonymous Certification , 2016, ESORICS.

[15]  Ali El Kaafarani,et al.  Decentralized Traceable Attribute-Based Signatures , 2014, CT-RSA.

[16]  Zhiguang Qin,et al.  Attribute-based Encryption with Non-Monotonic Access Structures Supporting Fine-Grained Attribute Revocation in M-healthcare , 2017, Int. J. Netw. Secur..

[17]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[18]  Sushmita Ruj,et al.  Decentralized Access Control with Anonymous Authentication of Data Stored in Clouds , 2014, IEEE Transactions on Parallel and Distributed Systems.

[19]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[20]  Mohamed Mohamed,et al.  C-ABSC: Cooperative Attribute Based SignCryption Scheme for Internet of Things Applications , 2018, 2018 IEEE International Conference on Services Computing (SCC).

[21]  Ben Lynn,et al.  On the implementation of pairing-based cryptosystems , 2007 .

[22]  M. Laurent-Maknavicius,et al.  PHOABE: Securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT , 2018, Comput. Networks.

[23]  Xu An Wang,et al.  Cryptanalysis of a public authentication protocol for outsourced databases with multi-user modification , 2019, Inf. Sci..

[24]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[25]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[26]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[27]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.

[28]  Giovanni Russello,et al.  Lightweight Attribute-based Encryption Supporting Access Policy Update for Cloud Assisted IoT , 2018 .

[29]  Xu An Wang,et al.  Cost-effective secure E-health cloud system using identity based cryptographic techniques , 2017, Future Gener. Comput. Syst..

[30]  Robert H. Deng,et al.  An Attribute-Based Framework for Secure Communications in Vehicular Ad Hoc Networks , 2019, IEEE/ACM Transactions on Networking.

[31]  Giovanni Russello,et al.  Malicious Entities are in Vain: Preserving Privacy in Publish and Subscribe Systems , 2018, 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[32]  Hai Jiang,et al.  P-CP-ABE: Parallelizing Ciphertext-Policy Attribute-Based Encryption for clouds , 2016, 2016 17th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD).

[33]  Giovanni Russello,et al.  CUPS: Secure opportunistic cloud of things framework based on attribute‐based encryption scheme supporting access policy update , 2019, Secur. Priv..

[34]  Zhixin Sun,et al.  An efficient and traceable KP-ABS scheme with untrusted attribute authority in cloud computing , 2016, Journal of Cloud Computing.

[35]  Xiaohua Jia,et al.  Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.

[36]  Nesrine Kaaniche,et al.  Privacy-Preserving Multi-User Encrypted Access Control Scheme for Cloud-Assisted IoT Applications , 2018, 2018 IEEE 11th International Conference on Cloud Computing (CLOUD).

[37]  Kouichi Sakurai,et al.  Realizing Fine-Grained and Flexible Access Control to Outsourced Data with Attribute-Based Cryptosystems , 2011, ISPEC.

[38]  Jian Shen,et al.  Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length , 2017, Secur. Commun. Networks.

[39]  Mohammad Hammoudeh,et al.  A Survey on Authentication Techniques for the Internet of Things , 2017, ICFNDS.

[40]  Maged Hamada Ibrahim,et al.  Attribute-based authentication on the cloud for thin clients , 2016, The Journal of Supercomputing.

[41]  David Pointcheval,et al.  On the Security Notions for Public-Key Encryption Schemes , 2004, SCN.

[42]  Nesrine Kaaniche,et al.  Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms , 2017, Comput. Commun..

[43]  Hongyang Yan,et al.  Server-aided anonymous attribute-based authentication in cloud computing , 2015, Future Gener. Comput. Syst..

[44]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[45]  Yan Yang,et al.  Improving Privacy and Security in Decentralizing Multi-Authority Attribute-Based Encryption in Cloud Computing , 2018, IEEE Access.

[46]  Nesrine Kaaniche,et al.  Attribute based Encryption for Multi-level Access Control Policies , 2017, SECRYPT.

[47]  Victor I. Chang,et al.  A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment , 2018, Future Gener. Comput. Syst..

[48]  Yi Mu,et al.  Efficient Attribute-Based Encryption with Blackbox Traceability , 2018, ProvSec.

[49]  Stavros K Archondakis,et al.  Mobile Health Applications and Cloud Computing in Cytopathology , 2019, Research Anthology on Architectures, Frameworks, and Integration Strategies for Distributed and Cloud Computing.

[50]  Máté Horváth,et al.  Attribute-Based Encryption Optimized for Cloud Computing , 2015, IACR Cryptol. ePrint Arch..

[51]  Sushmita Ruj,et al.  Privacy Preserving Access Control with Authentication for Securing Data in Clouds , 2012, 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012).