New Hidden Policy CP-ABE for Big Data Access Control with Privacy-preserving Policy in Cloud Computing

Cloud offers flexible and cost-effective storage for big data, but the major challenge is access control over big data processing. CP-ABE is a desirable solution for data access control in the cloud. However, in CP-ABE the access policy may leak the user's private information. To address this issue, Hidden Policy CP-ABE schemes have been proposed, but those schemes still cause data leakage because the access policies are only partially hidden, and they incur more computational cost. In this paper, we propose a New Hidden Policy Ciphertext-Policy Attribute-Based Encryption (HP-CP-ABE) scheme to ensure Big Data Access Control with Privacy-preserving Policy in the Cloud. In the proposed method, we use a Multi Secret Sharing Scheme (MSSS) to reduce the computational overhead of the encryption and decryption processes. We also apply a masking technique to each attribute in the access policy and embed the access policy in the ciphertext, to keep the access policy from exposing the user's private information. The security analysis shows that HP-CP-ABE is more secure and preserves access policy privacy. Performance evaluation shows that our scheme incurs less computational cost than the existing scheme.
