• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.1165-1168
• /
• 2010

본 논문에서는 Bethencourt등의 CP-ABE에서 효율적인 속성값 철회 기법에 대해 알아본다. 기존에 제안된 속성값 철회 기법은 대부분 KP-ABE에 대한 것이며, CP-ABE에서 속성값 철회는 철회를 위한 메시지 크기가 철회자에 비례해 커지고 NOT연산을 필요로 한다는 측면에서 효율적이지 못하다. 이에 대해 Bethencourt등의 CP-ABE와 기존의 속성값 철회 기법에 대해 알아본 후 Bethencourt등의 CP-ABE에서 효율적인 속성값 철회 기법에 대해 제시하고자 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.10
• /
• pp.4136-4156
• /
• 2020

Recently, data can be safely shared or stored using the infrastructure of cloud computing in various fields. However, issues such as data security and privacy affect cloud environments. Thus, a variety of security technologies are required, one of them is security technology using CP-ABE. Research into the CP-ABE scheme is currently ongoing, but the existing CP-ABE schemes can pose security threats and are inefficient. In terms of security, the CP-ABE approach should be secure against user collusion attacks and masquerade attacks. In addition, in a dynamic cloud environment where users are frequently added or removed, they must eliminate user access when they leave, and so users will not be able to access the cloud after removal. A user who has left should not be able to access the cloud with the existing attributes, secret key that had been granted. In addition, the existing CP-ABE scheme increases the size of the ciphertext according to the number of attributes specified by the data owner. This leads to inefficient use of cloud storage space and increases the amount of operations carried out by the user, which becomes excessive when the number of attributes is large. In this paper, CP-ABE access control is proposed to block access of withdrawn users in dynamic cloud environments. This proposed scheme focuses on the revocation of the attributes of the withdrawn users and the output of a ciphertext of a constant-size, and improves the efficiency of the user decryption operation through outsourcing.