Proceedings ArticleDOI
Attribute based data sharing with attribute revocation
Shucheng Yu,Cong Wang,Kui Ren,Wenjing Lou +3 more
- pp 261-270
TLDR
This paper uniquely integrates the technique of proxy re-encryption with CP-ABE, and enables the authority to delegate most of laborious tasks to proxy servers, and shows that the proposed scheme is provably secure against chosen ciphertext attacks.Abstract:
Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. In CP-ABE, each user is associated with a set of attributes and data are encrypted with access structures on attributes. A user is able to decrypt a ciphertext if and only if his attributes satisfy the ciphertext access structure. Beside this basic property, practical applications usually have other requirements. In this paper we focus on an important issue of attribute revocation which is cumbersome for CP-ABE schemes. In particular, we resolve this challenging issue by considering more practical scenarios in which semi-trustable on-line proxy servers are available. As compared to existing schemes, our proposed solution enables the authority to revoke user attributes with minimal effort. We achieve this by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Formal analysis shows that our proposed scheme is provably secure against chosen ciphertext attacks. In addition, we show that our technique can also be applicable to the Key-Policy Attribute Based Encryption (KP-ABE) counterpart.read more
Citations
More filters
Journal ArticleDOI
Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption
TL;DR: A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.
Journal ArticleDOI
Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems
Junbeom Hur,Dong Kun Noh +1 more
TL;DR: This paper proposes an access control mechanism using ciphertext-policy attribute-based encryption to enforce access control policies with efficient attribute and user revocation capability and demonstrates how to apply the proposed mechanism to securely manage the outsourced data.
Proceedings Article
Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings
TL;DR: Since there are multiple owners (patients) in a PHR system and every owner would encrypt her PHR files using a different set of cryptographic keys, it is important to reduce the key distribution complexity in such multi-owner settings.
Proceedings ArticleDOI
EASiER: encryption-based access control in social networks with efficient revocation
TL;DR: EASiER is proposed, an architecture that supports fine-grained access control policies and dynamic group membership by using attribute-based encryption and makes it possible to remove access from a user without issuing new keys to other users or re-encrypting existing ciphertexts.
Journal ArticleDOI
Identity-Based Encryption with Outsourced Revocation in Cloud Computing
TL;DR: This paper introduces outsourcing computation into IBE for the first time and proposes a revocable IBE scheme in the server-aided setting and proposes another construction which is provable secure under the recently formulized Refereed Delegation of Computation model.
References
More filters
Book ChapterDOI
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Journal ArticleDOI
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
TL;DR: This work proposes a fully functional identity-based encryption (IBE) scheme based on bilinear maps between groups and gives precise definitions for secure IBE schemes and gives several applications for such systems.
Proceedings ArticleDOI
Ciphertext-Policy Attribute-Based Encryption
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Proceedings ArticleDOI
Attribute-based encryption for fine-grained access control of encrypted data
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Book ChapterDOI
Fuzzy identity-based encryption
Amit Sahai,Brent Waters +1 more
TL;DR: In this article, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.