Journal ArticleDOI
Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage
Kan Yang,Xiaohua Jia +1 more
TLDR
This paper designs an expressive, efficient and revocable data access control scheme for multi-authority cloud storage systems, where there are multiple authorities co-exist and each authority is able to issue attributes independently.Abstract:
Data access control is an effective way to ensure the data security in the cloud Due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems Ciphertext-Policy Attribute-based Encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage, because it gives data owners more direct control on access policies However, it is difficult to directly apply existing CP-ABE schemes to data access control for cloud storage systems because of the attribute revocation problem In this paper, we design an expressive, efficient and revocable data access control scheme for multi-authority cloud storage systems, where there are multiple authorities co-exist and each authority is able to issue attributes independently Specifically, we propose a revocable multi-authority CP-ABE scheme, and apply it as the underlying techniques to design the data access control scheme Our attribute revocation method can efficiently achieve both forward security and backward security The analysis and simulation results show that our proposed data access control scheme is secure in the random oracle model and is more efficient than previous worksread more
Citations
More filters
Journal ArticleDOI
Protection of Big Data Privacy
TL;DR: The infrastructure of big data and the state-of-the-art privacy-preserving mechanisms in each stage of the big data life cycle are illustrated and the challenges for existing mechanisms are presented.
Journal ArticleDOI
User Collusion Avoidance CP-ABE With Efficient Attribute Revocation for Cloud Storage
TL;DR: This work formalizes the definition and security model, which model collusion attack executed by the existing users cooperating with the revoked users, and presents a user collusion avoidance ciphertext-policy ABE scheme with efficient attribute revocation for the cloud storage system.
Journal ArticleDOI
TMACS: A Robust and Verifiable Threshold Multi-Authority Access Control System in Public Cloud Storage
TL;DR: A threshold multi-authority CP-ABE access control scheme for public cloud storage, named TMACS, in which multiple authorities jointly manage a uniform attribute set is conducted, which satisfies the scenario of attributes coming from different authorities as well as achieving security and system-level robustness.
Journal ArticleDOI
Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms
TL;DR: This survey brings a critical comparative analysis of cryptographic defense mechanisms, and beyond this, it explores research directions and technology trends to address the protection of outsourced data in cloud infrastructures.
Journal ArticleDOI
RAAC: Robust and Auditable Access Control With Multiple Attribute Authorities for Public Cloud Storage
TL;DR: A novel heterogeneous framework is proposed to remove the problem of single-point performance bottleneck and provide a more efficient access control scheme with an auditing mechanism and shows that the system not only guarantees the security requirements but also makes great performance improvement on key generation.
References
More filters
ReportDOI
The NIST Definition of Cloud Computing
Peter Mell,Timothy Grance +1 more
TL;DR: This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
Book ChapterDOI
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Journal ArticleDOI
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
TL;DR: This work proposes a fully functional identity-based encryption (IBE) scheme based on bilinear maps between groups and gives precise definitions for secure IBE schemes and gives several applications for such systems.
Proceedings ArticleDOI
Ciphertext-Policy Attribute-Based Encryption
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Book ChapterDOI
Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization
TL;DR: A new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model is presented.