Enabling Attribute Based Encryption as an Internet Service

Internet enabled services and technologies are changing the way we use and manage massive amounts of data. More and more users and organizations are increasingly relying on cloud storage services for data management. In such Internet enabled environments, protecting sensitive data is increasingly becoming very crucial. Attribute-based Encryption (ABE) based approaches have been recognized as very promising for data protection in such environments. ABE approaches support data confidentiality and fine-grained access control in Internet-based environments, which include Internet of things (IoTs) and a plethora of heterogeneous mobile devices that enable large scale applications. However, in IoTs and mobile applications the limited computational resources and finite battery power of devices make it very difficult to use ABE schemes because of their heavy computational requirements. Although outsourced computational techniques have been applied in partial ABE schemes to address such issues, a unified platform that supports all aspects of data protection in an Internet-based open environment as well as fast cryptographic operations and decentralized authorities, etc., is still lacking. In this paper, we propose a novel Attribute Based Encryption as a Service (ABEaaS) that can be leveraged for data protection in the Internet environments. We propose an ABEaaS framework that can be easily deployed and present related security and performance analysis.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[2]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[3]  J. Dandge,et al.  Revisiting Attribute-Based Encryption with Verifiable Outsourced Decryption , 2017 .

[4]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[5]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[6]  Ian Miers,et al.  Charm: a framework for rapidly prototyping cryptosystems , 2013, Journal of Cryptographic Engineering.

[7]  Robert H. Deng,et al.  Attribute-Based Encryption With Efficient Verifiable Outsourced Decryption , 2015, IEEE Transactions on Information Forensics and Security.

[8]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[9]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[10]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[11]  Tatsuaki Okamoto,et al.  Fully Secure Unbounded Inner-Product and Attribute-Based Encryption , 2012, ASIACRYPT.

[12]  Yael Tauman Kalai,et al.  Improved Delegation of Computation using Fully Homomorphic Encryption , 2010, IACR Cryptol. ePrint Arch..

[13]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[14]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[15]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[16]  Sourya Joyee De,et al.  Decentralized Access Control on Data in the Cloud with Fast Encryption and Outsourced Decryption , 2014, GLOBECOM 2014.

[17]  Allison Lewko,et al.  Tools for simulating features of composite order bilinear groups in the prime order setting , 2012 .

[18]  Rui Zhang,et al.  A Blockchain based Access Control System for Cloud Storage , 2019 .