Extended File Hierarchy Access Control Scheme with Attribute-Based Encryption in Cloud Computing

In cloud computing, attribute-based encryption (ABE) is often used to address the challenge of secure data storage. Hierarchical ABE schemes are a very effective way to lighten the burden on the authority center. A file hierarchy attribute-based encryption (FH-CP-ABE) scheme has been presented, which both saves ciphertext storage space and reduces the computation overhead of encryption. However, the existing FH-CP-ABE scheme cannot encrypt multiple files on the same access level, so it is not practical. In this paper, an efficient extended file hierarchy CP-ABE scheme (EFH-CP-ABE) is proposed, which can encrypt multiple files on the same access level. Our scheme is especially practical for big institutions or companies that have many hierarchical sectors, since it greatly reduces their storage space and computation cost on the cloud servers. Furthermore, our solution also achieves secure and flexible access control for users in cloud storage. We formally prove the security of our new scheme under the standard model. Finally, we implement the EFH-CP-ABE scheme in an experiment and achieve desirable experimental results.
