Time-Domain Attribute-Based Access Control for Cloud-Based Video Content Sharing: A Cryptographic Approach

With the ever-increasing demands on multimedia applications, cloud computing, due to its economical but powerful resources, is becoming a natural platform to process, store, and share multimedia contents. However, the employment of cloud computing also brings new security and privacy issues as few public cloud servers can be fully trusted by users. In this paper, we focus on how to securely share video contents to a certain group of people during a particular time period in cloud-based multimedia systems, and propose a cryptographic approach, a provably secure time-domain attribute-based access control (TAAC) scheme, to secure the cloud-based video content sharing. Specifically, we first propose a provably secure time-domain attribute-based encryption scheme by embedding the time into both the ciphertexts and the keys, such that only users who hold sufficient attributes in a specific time slot can decrypt the video contents. We also propose an efficient attribute updating method to achieve the dynamic change of users' attributes, including granting new attributes, revoking previous attributes, and regranting previously revoked attributes. We further discuss on how to control those video contents that can be commonly accessed in multiple time slots and how to make special queries on video contents generated in previous time slots. The security analysis and performance evaluation show that TAAC is provably secure in generic group model and efficient in practice.

[1]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[2]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[3]  Chong Luo,et al.  Multimedia Cloud Computing , 2011, IEEE Signal Processing Magazine.

[4]  Jiming Chen,et al.  Data gathering optimization by dynamic sensing and routing in rechargeable sensor networks , 2013, 2013 IEEE International Conference on Sensing, Communications and Networking (SECON).

[5]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[6]  Xuemin Shen,et al.  Exploiting mobile crowdsourcing for pervasive cloud services: challenges and solutions , 2015, IEEE Communications Magazine.

[7]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[8]  Xiaohui Liang,et al.  Exploiting multimedia services in mobile social networks from security and privacy perspectives , 2014, IEEE Communications Magazine.

[9]  Li Zhuo,et al.  An efficient motion reference structure based selective encryption algorithm for H.264 videos , 2014, IET Inf. Secur..

[10]  Xiaohua Jia,et al.  DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[11]  Lintian Qiao,et al.  A New Algorithm for MPEG Video Encryption , 2007 .

[12]  Thomas Stütz,et al.  A Survey of H.264 AVC/SVC Encryption , 2012, IEEE Transactions on Circuits and Systems for Video Technology.

[13]  Robert H. Deng,et al.  Attribute-Based Access to Scalable Media in Cloud-Assisted Content Sharing Networks , 2013, IEEE Transactions on Multimedia.

[14]  Dongqing Xie,et al.  Multi-authority ciphertext-policy attribute-based encryption with accountability , 2011, ASIACCS '11.

[15]  Andrés Marín López,et al.  Media cloud: an open cloud computing middleware for content management , 2011, IEEE Transactions on Consumer Electronics.

[16]  Xiaohua Jia,et al.  Secure and Verifiable Policy Update Outsourcing for Big Data Access Control in the Cloud , 2015 .

[17]  AMESH,et al.  Cloud-Based Multimedia Content Protection System , 2017 .

[18]  Xiaohua Jia,et al.  Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.

[19]  Xuemin Shen,et al.  SACRM: Social Aware Crowdsourcing with Reputation Management in mobile sensing , 2014, Comput. Commun..

[20]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[21]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[22]  Zafar Shahid,et al.  Visual Protection of HEVC Video by Selective Encryption of CABAC Binstrings , 2014, IEEE Transactions on Multimedia.

[23]  Kui Ren,et al.  Attribute-based fine-grained access control with efficient revocation in cloud storage systems , 2013, ASIA CCS '13.

[24]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[25]  Xiaofei Wang,et al.  AMES-Cloud: A Framework of Adaptive Mobile Video Streaming and Efficient Social Video Sharing in the Clouds , 2013, IEEE Transactions on Multimedia.

[26]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[27]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[28]  Moncef Gabbouj,et al.  Perceptual Encryption of H.264 Videos: Embedding Sign-Flips Into the Integer-Based Transforms , 2014, IEEE Transactions on Information Forensics and Security.

[29]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[30]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[31]  Brent Waters,et al.  Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption , 2012, IACR Cryptol. ePrint Arch..

[32]  Ling Shi,et al.  Optimal DoS Attack Scheduling in Wireless Networked Control System , 2016, IEEE Transactions on Control Systems Technology.

[33]  Emrullah Turhan Tunali,et al.  Scalable video encryption of H.264 SVC Codec , 2011, J. Vis. Commun. Image Represent..

[34]  Tarek Elgamal,et al.  Cloud-Based Multimedia Content Protection System , 2015, IEEE Transactions on Multimedia.

[35]  Xiaohua Jia,et al.  Attributed-Based Access Control for Multi-authority Systems in Cloud Storage , 2012, 2012 IEEE 32nd International Conference on Distributed Computing Systems.

[36]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[37]  Xuemin Shen,et al.  Security and privacy in mobile crowdsourcing networks: challenges and opportunities , 2015, IEEE Communications Magazine.