Computer Science, 2018, Vol. 45, Issue (11): 149-154. doi: 10.11896/j.issn.1002-137X.2018.11.022

• Information Security •

CP-ABE Based Access Control of Data Set with Conflict of Interest

CHEN Cheng, Nurmamat HELIL   

  1. (College of Mathematics and System Science, Xinjiang University, Urumqi 830046, China)
  • Received: 2017-10-12 Published: 2019-02-25

Abstract: Cloud storage allows data owners to store their encrypted data in the cloud and share it with users. However, different data stored by the same data owner may have a conflict of interest among them. To address this, this paper proposes a ciphertext-policy attribute-based encryption (CP-ABE) based access control scheme for data sets with conflict of interest. In this scheme, the data owner embeds a virtual attribute into the access tree through an “AND” gate to obtain a modified access tree, and encrypts the data in the data set with conflict of interest under the modified access tree, thus avoiding the errors, cheating or risks caused by an individual user’s access to some or all data in the data set with conflict of interest. Finally, the efficiency and security of the scheme are analyzed. The analytical results suggest that the proposed scheme is efficient and secure.

Key words: Access control, Data set with conflict of interest, Chinese wall policy, CP-ABE

CLC Number: TP393