http://dx.doi.org/10.3837/tiis.2020.10.012

CP-ABE Access Control that Block Access of Withdrawn Users in Dynamic Cloud  

Hwang, Yong-Woon (Department of Computer Science and Engineering, Soonchunhyang University)
Lee, Im-Yeong (Department of Computer Science and Engineering, Soonchunhyang University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.14, no.10, 2020, pp. 4136-4156
Abstract
Data can now be safely shared and stored using cloud computing infrastructure in various fields. However, issues such as data security and privacy affect cloud environments, so a variety of security technologies are required; one of them is ciphertext-policy attribute-based encryption (CP-ABE). Research into CP-ABE schemes is ongoing, but existing CP-ABE schemes can pose security threats and are inefficient. In terms of security, a CP-ABE scheme should be secure against user collusion attacks and masquerade attacks. In addition, in a dynamic cloud environment where users are frequently added or removed, the scheme must eliminate a user's access when that user leaves, so that the user cannot access the cloud after removal. A user who has left should not be able to access the cloud with the attributes and secret key that had previously been granted. Furthermore, in existing CP-ABE schemes the size of the ciphertext increases with the number of attributes specified by the data owner. This leads to inefficient use of cloud storage space and increases the number of operations carried out by the user, which becomes excessive when the number of attributes is large. In this paper, a CP-ABE access control scheme is proposed that blocks access by withdrawn users in dynamic cloud environments. The proposed scheme focuses on revoking the attributes of withdrawn users and producing a constant-size ciphertext, and it improves the efficiency of the user's decryption operation through outsourcing.
Keywords
Attributes Based Encryption; Access Control; Attribute revocation; Constant-size ciphertext; Cloud; Data sharing