Computer Science ›› 2016, Vol. 43 ›› Issue (1): 191-194.doi: 10.11896/j.issn.1002-137X.2016.01.043

Previous Articles     Next Articles

CP-ABE Scheme with Supporting Policy Elastic Updating in Cloud Storage Environment

XIONG An-ping, XU Chun-xiang and FENG Hao   

  • Online:2018-12-01 Published:2018-12-01

Abstract: In recent years,CP-ABE has been researched extensively as an access control mechanism in cloud storage environment.Because existing access control schemes based on CP-ABE can not support the elastic update with the system properties in cloud storage environment,this paper used the cloud storage service provider’s(CSP’s) storage and computing resources advantages,and proposed a cloud storage access control scheme which supports the system attribu-tes revocation or recovery based on the attribute-based access control with efficient revocation(AB-ACER) scheme.The scheme introduces virtual attributes for the access control tree,and when system attributes have been revoked or recovered,CSP only provides small re-encryption computation.Security analysis and performance analysis show that the proposed scheme not only supports a changeable access control policy for data owner(DO),but also ensures the confidentiality of data and the fine-grained access control,and reduces a large number of encryption calculation works for DO.

Key words: Cloud storage,CP-ABE,System attribute update,Virtual attribute,Access control

[1] Amazon.com.Amazon s3 Availability Event:July 20,2008.http://status.aws.amazon.com/s3-20080520.html
[2] Arrington M.Gmail Disaster:Reports of Mass Email Deletions[R/OL].http://www.techcrunch.com/2006/12/28/gmail-disa-ster-reports-of-massemail-deletions
[3] Krigsman M.Apple’s MobileMe Experiences Post-Launch Pain.http://blogs.zdnet.com/projectfailures/?p=908
[4] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥CCS.ACM,2006:89-98
[5] Su Jin-shu,Cao Dan,Wang xiao-feng,et al.Attribute-Based Encryption Schemes[J]Journal of Software, 2011,2(6):1299-1315
[6] Hur J,Noh D K.Attribute-based access control with efficient revocation in data outsourcing systems[J].IEEE Transactions on Parallel and Distributed Systems,2011,22(7):1214-1221
[7] Dara K.Microsoft’s 2012-11 SkyDrive accidently freezes outOpera users[EB/OL].[2014-04-20].http://www.cnet.com/news/microsofts-skydrive-accidently-freezes-out-opera-users
[8] Sahai A,Waters B.Fuzzy Identity-Based Encryption[M]∥Advances in Cryptology EUROCRYPT 2005.Springer Berlin Heidelberg,2005:457-473
[9] Xiong An-ping,Xu Chun-xiang.Energy Efficient Multiresource Allocation of Virtual Machine Based on PSO in Cloud Data Center[J].Mathematical Problems in Engineering,2014,18(5):816-830
[10] Bethencourt J,Sahai A,Waters B.Ciphertext-Policy Attribute-Based Encryption[C]∥IEEE Symposium on Security and Privacy,2007(SP’07).IEEE,2007:321-334
[11] Pirretti M,Traynor P,McDaniel P,et al.Secure Attribute-Based Systems[J].Journal of Computer Security,2010,18(5):799-837
[12] Ostrovsky R,Sahai A,Waters B.Attribute-Based Encryptionwith Non-Monotonic Access Structures[C]∥Proceedings of the 14th ACM Conference on Computer and Communications Securi-ty.ACM,2007:195-203
[13] Yu S,Wang C,Ren K,et al.Attribute Based Data Sharing with Attribute Revocation[C]∥Proceedings of the 5th ACM Symposium on Information,Computer and Communications Security.ACM,2010:261-270
[14] Yu S,Ren K,Lou W.Attribute-based on-demand multicastgroup setup with membership anonymity[J].Computer Networks,2010,54(3):377-386
[15] Shamir A.Identity-Based Cryptosystems and Signature schemes[C]∥Advances in cryptology.Springer Berlin Heidelberg,1985:47-53
[16] Huang Zhi-hong,Wu Li-li,Zhang Bo.Network Security Threats and Prevention on Cloud Computing[J].Journal of Chongqing University of Technology(Natural Science),2012,6(8):85-90(in Chinese)黄志宏,巫莉莉,张波.基于云计算的网络安全威胁及防范[J].重庆理工大学学报(自然科学),2012,26(8):85-90

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .