Fine-Grained Access Control Systems Suitable for Resource-Constrained Users in Cloud Computing

For cloud computing to be practical, fine-grained data access is frequently required, in the sense that users with different attributes should be granted different levels of access privileges. However, most existing access control solutions are not suitable for resource-constrained users because of their large computation costs, which increase linearly with the complexity of access policies. In this paper, we present an access control system based on ciphertext-policy attribute-based encryption. The proposed access control system enjoys constant computation cost and is proven secure in the random oracle model under the decision Bilinear Diffie-Hellman Exponent assumption. Our access control system supports AND-gate access policies with multiple values and wildcards, and it can efficiently support direct user revocation. Performance comparisons indicate that the proposed solution is suitable for resource-constrained environments.
