IR-CP-ABE: Identity Revocable Ciphertext-Policy Attribute-Based Encryption for Flexible Secure Group-Based Communication
نویسندگان
چکیده
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an access control mechanism over encrypted data and well suited for secure group-based communication. However, it also suffers from the following problem, i.e., it is impossible to build all desired groups. For example, if two group members have exactly the same attributes, how to construct a group including only one of the two members? Obviously, attributes alone cannot distinguish these two members, therefore existing CP-ABE solutions do not work. To address this issue, in this paper, we present a new CPABE scheme (called IR-CP-ABE) that incorporates an Identity-based Revocation capability. With IR-CP-ABE, an access policy will be constructed by not only group members’ attributes but also their identities. To build a group, first, build a candidate group based on all desired group members’ attributes; second, remove undesired members by revoking their identities. By evaluating the security and efficiency of a proposed construction, we show that the IR-CP-ABE scheme is secure and efficient for practical applications.
منابع مشابه
User Revocation Based Anonymous Access Provision for Efficient Cloud User Privacy
Cloud computing is a recent technology provides a flexible, on-demand and low cost feature of computing resources. The Main issue in Cloud Computing is user identity privacy and data content privacy. The User Privacy in Cloud Computing is achieved by various data access control Schemes. Existing Fully Anonymous Access control scheme with decentralized attribute authority provides data content p...
متن کاملHIR-CP-ABE: Hierarchical Identity Revocable Ciphertext-Policy Attribute-Based Encryption for Secure and Flexible Data Sharing
Ciphertext Policy Attribute-Based Encryption (CPABE) has been proposed to implement the attribute-based access control model. In CP-ABE, data owners encrypt the data with a certain access policy such that only data users whose attributes satisfy the access policy could obtain the corresponding private decryption key from a trusted authority. Therefore, CP-ABE is considered as a promising fine-g...
متن کاملDoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
متن کاملAttribute based Encryption: Traitor Tracing, Revocation and Fully Security on Prime Order Groups
A Ciphertext-Policy Attribute-Based Encryption (CP-ABE) allows users to specify the access policies without having to know the identities of users. In this paper, we contribute by proposing an ABE scheme which enables revoking corrupted users. Given a key-like blackbox, our system can identify at least one of the users whose key must have been used to construct the blackbox and can revoke the k...
متن کاملExpressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage
Data access control is an efficient way to make sure the data security in the cloud. Due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Ciphertext-Policy Attribute-based Encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage, because it gives data owners mor...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017