Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service |
| |
| Authors: | Nyamsuren Vaanchig Wei Chen Zhi-Guang Qin |
| |
| Affiliation: | 1.School of Information and Software Engineering,University of Electronic Science and Technology of China,Chengdu 610054,China |
| |
| Abstract: | Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution for this challenge. It gives the data owner (DO) direct control on access policy and enforces the access policy cryptographically. However, the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantages of the over-encryption mechanism and CP-ABE scheme and by considering the semi-trusted cloud service provider (CSP) that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attribute-revocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service. |
| |
| Keywords: | Access control attribute-based encryption attribute revocation cloud data sharing |
|
| 点击此处可从《电子科技学刊:英文版》浏览原始摘要信息 |
|
点击此处可从《电子科技学刊:英文版》下载全文 |
