HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing
Reads0
Chats0
TLDR
The security of HASBE is formally proved based on security of the ciphertext-policy attribute-based encryption (CP-ABE) scheme by Bethencourt and its performance and computational complexity are formally analyzed.Abstract:
Cloud computing has emerged as one of the most influential paradigms in the IT industry in recent years. Since this new computing technology requires users to entrust their valuable data to cloud providers, there have been increasing security and privacy concerns on outsourced data. Several schemes employing attribute-based encryption (ABE) have been proposed for access control of outsourced data in cloud computing; however, most of them suffer from inflexibility in implementing complex access control policies. In order to realize scalable, flexible, and fine-grained access control of outsourced data in cloud computing, in this paper, we propose hierarchical attribute-set-based encryption (HASBE) by extending ciphertext-policy attribute-set-based encryption (ASBE) with a hierarchical structure of users. The proposed scheme not only achieves scalability due to its hierarchical structure, but also inherits flexibility and fine-grained access control in supporting compound attributes of ASBE. In addition, HASBE employs multiple value assignments for access expiration time to deal with user revocation more efficiently than existing schemes. We formally prove the security of HASBE based on security of the ciphertext-policy attribute-based encryption (CP-ABE) scheme by Bethencourt and analyze its performance and computational complexity. We implement our scheme and show that it is both efficient and flexible in dealing with access control for outsourced data in cloud computing with comprehensive experiments.read more
Citations
More filters
Journal ArticleDOI
Security in cloud computing
TL;DR: The security issues that arise due to the very nature of cloud computing are detailed and the recent solutions presented in the literature to counter the security issues are presented.
Journal ArticleDOI
Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control
TL;DR: PASH is introduced, a privacy-aware s-health access control system, in which the key ingredient is a large universe CP-ABE with access policies partially hidden, and attribute values of access policies are hidden in encrypted SHRs and only attribute names are revealed.
Journal ArticleDOI
Cloud security issues and challenges
Ashish Singh,Kakali Chatterjee +1 more
TL;DR: The basic features of the cloud computing, security issues, threats and their solutions are discussed, and several key topics related to the cloud, namely cloud architecture framework, service and deployment model, cloud technologies, cloud security concepts, threats, and attacks are described.
Journal ArticleDOI
An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing
TL;DR: An efficient file hierarchy attribute-based encryption scheme is proposed in cloud computing that combines layered access structures into a single access structure, and then, the hierarchical files are encrypted with the integrated access structure.
Journal ArticleDOI
Attribute-Based Encryption With Parallel Outsourced Decryption for Edge Intelligent IoV
TL;DR: ABEM-POD has been applied to three representative ABE schemes, and the experiments show that the proposed ABEM- POD is efficient and easy to use and can significantly improve the speed of outsourced decryption to address the response time requirement for edge intelligent IoV.
References
More filters
Journal ArticleDOI
Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility
TL;DR: This paper defines Cloud computing and provides the architecture for creating Clouds with market-oriented resource allocation by leveraging technologies such as Virtual Machines (VMs), and provides insights on market-based resource management strategies that encompass both customer-driven service management and computational risk management to sustain Service Level Agreement (SLA) oriented resource allocation.
Proceedings ArticleDOI
Ciphertext-Policy Attribute-Based Encryption
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Proceedings ArticleDOI
Attribute-based encryption for fine-grained access control of encrypted data
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Book ChapterDOI
Fuzzy identity-based encryption
Amit Sahai,Brent Waters +1 more
TL;DR: In this article, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.
Posted Content
Fuzzy Identity Based Encryption.
Amit Sahai,Brent Waters +1 more
TL;DR: In this paper, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.