Toward Ciphertext Policy Attribute Based Encryption Model: A Revocable Access Control Solution in Cloud Computing

Cloud Computing is the most promising paradigm in recent times. It offers on-demand services to individuals and industries. However, outsourcing sensitive data to entrusted Cloud servers impedes the adoption of Cloud concept. Security presents the most important issue. Consequently, Cloud service provider should implement fine grained access control models. Ciphertext Policy Attribute Based Encryption (CPABE) is considered as one of the most appropriate approach in Cloud Computing environment. However, it suffers from revocation, data owner overhead and computational cost limitations. In this work, we propose a Revocable algorithm (R-CPABE). The main idea of this work is to divide the original data after publishing in cloud server. In case of user revocation, one single slice is affected. Data owner need to retrieve, re-encrypt and re-publish it. To confirm the safety of our solution, we provide a security analysis. To evaluate its efficiency, a performance evaluation is performed.

[1]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[2]  Robert H. Deng,et al.  HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing , 2012, IEEE Transactions on Information Forensics and Security.

[3]  Farouk Kamoun,et al.  End to End Cloud Computing Architecture Based on A Novel Classification of Security Issues , 2017, 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA).

[4]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[5]  Michael O. Rabin,et al.  Efficient dispersal of information for security, load balancing, and fault tolerance , 1989, JACM.

[6]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[7]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.

[8]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[9]  Zhibin Zhou,et al.  Efficient Privacy-Preserving Ciphertext-Policy Attribute Based-Encryption and Broadcast Encryption , 2015, IEEE Transactions on Computers.

[10]  Yutaka Kawai,et al.  Outsourcing the Re-encryption Key Generation: Flexible Ciphertext-Policy Attribute-Based Proxy Re-encryption , 2015, ISPEC.

[11]  Xiao-Feng Wang,et al.  Attribute-Based Encryption Schemes: Attribute-Based Encryption Schemes , 2011 .

[12]  V. Canda,et al.  A new mode of using all-or-nothing transforms , 2002, Proceedings IEEE International Symposium on Information Theory,.

[13]  Leïla Azouz Saïdane,et al.  Revocable Sliced CipherText Policy Attribute Based Encryption Scheme in Cloud Computing , 2019, 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC).

[14]  Su Jin,et al.  Attribute-Based Encryption Schemes , 2011 .

[15]  Xiaohua Jia,et al.  Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.