Computer Science

Computer Science ›› 2018, Vol. 45 ›› Issue (11): 149-154.doi: 10.11896/j.issn.1002-137X.2018.11.022

• Information Security • Previous Articles     Next Articles

CP-ABE Based Access Control of Data Set with Conflict of Interest

CHEN Cheng, Nurmamat HELIL   

  1. (College of Mathematics and System Science,Xinjiang University,Urumqi 830046,China)
  • Received:2017-10-12 Published:2019-02-25

PDF (PC)

510

Abstract: Cloud storage allows data owners to store their encrypted data in the cloud,so as to provide data sharing services for users.However,there might exist a conflict of interest among different data stored by the same data owner.In this regard,this paper proposed a ciphertext-policy attribute-based encryption (CP-ABE) based access control scheme for the data set with conflict of interest.In this scheme,the data owner embeds a virtual attribute into the access tree with the “AND” gate to get the modified access tree,and encrypts the data in the data set with conflict of interest under the modified access tree,thus avoiding errors,cheats or risks caused by an individual user’s access to some or all data in the data set with conflict of interest.Finally,the efficiency and security of this scheme were analyzed.The analytical results suggest the proposed scheme is efficient and secure.

Key words: Access control, Chinese wall policy, CP-ABE, Data set with conflict of interest

CLC Number: 

  • TP393
[1]MELL P,GRANCE T.The NIST definition of cloud computing[J].Communications of the ACM,2011,53(6):50.
[2]SAHAI A,WATERS B.Fuzzy identity-based encryption[C]∥International Conference on Theory and Applications of Cryptographic Techniques.Springer-Verlag,2005:457-473.
[3]GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥ACM Conference on Computer and Communications Security.ACM,2006:89-98.
[4]OSTROVSKY R,SAHAI A,WATERS B.Attribute-based encryption with non-monotonic access structures[C]∥ACM Conference on Computer & Communications Security.2007:195-203.
[5]ATTRAPADUNG N,IMAI H.Conjunctive broadcast and attribute-based encryption[C]∥Third International Conference.DBLP,2009:248-265.
[6]ATTRAPADUNG N,IMAI H.Attribute-based encryption supporting direct/indirect revocation modes[C]∥Ima International Conference on Cryptography and Coding.Springer-Verlag,2009:278-300.
[7]BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption[C]∥IEEE Symposium on Security and Privacy.IEEE Computer Society,2007:321-334.
[8]BREWER D F C,NASH M J.The chinese wall security policy[C]∥IEEE Symposium on Security and Privacy.IEEE Xplore,1989:206-214.
[9]BARACALDO N,JOSHI J.A trust-and-risk aware RBAC framework:tackling insider threat[C]∥Proceedings of the 17th ACM Symposium on Access Control Models and Technologies.ACM,2012:167-176.
[10]HELIL N,RAHMAN K.CP-ABE access control scheme for sensitive data set constraint with hidden access policy and constraint policy[J].Security & Communication Networks,2017,2017(6):1-13.
[11]YU S,WANG C,REN K,et al.Attribute based data sharing with attribute revocation[C]∥ACM Symposium on Information,Computer and Communications Security.ACM,2010:261-270.
[12]YANG K,JIA X,REN K.Attribute-based fine-grained access control with efficient revocation in cloud storage systems[C]∥ACM Sigsac Symposium on Information,Computer and Communications Security.ACM,2013:523-528.
[13]HUR J.Improving security and efficiency in attribute-based data sharing[J].IEEE Transactions on Knowledge & Data Engineering,2013,25(10):2271-2282.
[14]ZU L,LIU Z,LI J.New ciphertext-policy attribute-based en- cryption with efficient revocation[C]∥IEEE International Conference on Computer and Information Technology.IEEE,2014:281-287.
[15]WANG P P,FENG D G,ZHANG L W.CP-ABE scheme supporting fully fine-grained attribute revocation[J].Journal of Software,2012,23(10):2805-2816.(in Chinese)
王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的CP-ABE方案[J].软件学报,2012,23(10):2805-2816.
[16]SU J S,CAO D,WANG X F,et al.Attribute-based encryption schemes[J].Journal of Software,2011,22(6):1299-1315.(in Chinese)
苏金树,曹丹,王小峰,等.属性基加密机制[J].软件学报,2011,22(6):1299-1315.
[17]FENG D G,CHEN C.Research on attribute-based cryptography[J].Journal of Cryptologic Research,2014,1(1):1-12.(in Chinese)
冯登国,陈成.属性密码学研究[J].密码学报,2014,1(1):1-12.
[18]YAN X X,MENG H.Ciphertext policy attribute-based encryption schemesupporting direct revocation[J].Journal on Communications,2016,37(5):44-50.(in Chinese)
闫玺玺,孟慧.支持直接撤销的密文策略属性基加密方案[J].通信学报,2016,37(5):44-50.
[19]ZHANG K,MA J F,LI H,et al.Multi-authority attribute-based encryption with efficient revocation[J].Journal on Communications,2017,38(3):83-91.(in Chinese)
张凯,马建峰,李辉,等.支持高效撤销的多机构属性加密方案[J].通信学报,2017,38(3):83-91.
[20]SHAN Z Y,SUN Y F.A study of security attributes imme- diatere vocation in secure OS[J].Journal of Computer Research and Development,2002,39(12):1680-1688.(in Chinese)
单智勇,孙玉芳.安全操作系统安全属性即时撤消研究[J].计算机研究与发展,2002,39(12):1680-1688.
[21]FANG L,YIN L H,GUO Y C,et al.A survey of key technologies in attribute-based access control scheme[J].Chinese Journal of Computers,2017,40(7):1680-1698.(in Chinese)
房梁,殷丽华,郭云川,等.基于属性的访问控制关键技术研究综述[J].计算机学报,2017,40(7):1680-1698.
[1] GUO Peng-jun, ZHANG Jing-zhou, YANG Yuan-fan, YANG Shen-xiang. Study on Wireless Communication Network Architecture and Access Control Algorithm in Aircraft [J]. Computer Science, 2022, 49(9): 268-274.
[2] YANG Zhen, HUANG Song, ZHENG Chang-you. Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE [J]. Computer Science, 2022, 49(5): 325-332.
[3] GUO Xian, WANG Yu-yue, FENG Tao, CAO Lai-cheng, JIANG Yong-bo, ZHANG Di. Blockchain-based Role-Delegation Access Control for Industrial Control System [J]. Computer Science, 2021, 48(9): 306-316.
[4] CHENG Xue-lin, YANG Xiao-hu, ZHUO Chong-kui. Research and Implementation of Data Authority Control Model Based on Organization [J]. Computer Science, 2021, 48(6A): 558-562.
[5] PAN Rui-jie, WANG Gao-cai, HUANG Heng-yi. Attribute Access Control Based on Dynamic User Trust in Cloud Computing [J]. Computer Science, 2021, 48(5): 313-319.
[6] HE Heng, JIANG Jun-jun, FENG Ke, LI Peng, XU Fang-fang. Efficient Multi-keyword Retrieval Scheme Based on Attribute Encryption in Multi-cloud Environment [J]. Computer Science, 2021, 48(11A): 576-584.
[7] CAO Meng, YU Yang, LIANG Ying, SHI Hong-zhou. Key Technologies and Development Trends of Big Data Trade Based on Blockchain [J]. Computer Science, 2021, 48(11A): 184-190.
[8] XU Kun, FU Yin-jin, CHEN Wei-wei, ZHANG Ya-nan. Research Progress on Blockchain-based Cloud Storage Security Mechanism [J]. Computer Science, 2021, 48(11): 102-115.
[9] WANG Jing-yu, LIU Si-rui. Research Progress on Risk Access Control [J]. Computer Science, 2020, 47(7): 56-65.
[10] GU Rong-Jie, WU Zhi-ping and SHI Huan. New Approach for Graded and Classified Cloud Data Access Control for Public Security Based on TFR Model [J]. Computer Science, 2020, 47(6A): 400-403.
[11] PAN Heng, LI Jing feng, MA Jun hu. Role Dynamic Adjustment Algorithm for Resisting Insider Threat [J]. Computer Science, 2020, 47(5): 313-318.
[12] WANG Hui, LIU Yu-xiang, CAO Shun-xiang, ZHOU Ming-ming. Medical Data Storage Mechanism Integrating Blockchain Technology [J]. Computer Science, 2020, 47(4): 285-291.
[13] TU Yuan-fei,ZHANG Cheng-zhen. Secure and Efficient Electronic Health Records for Cloud [J]. Computer Science, 2020, 47(2): 294-299.
[14] QIAO Mao,QIN Ling. AB-ACCS Scheme for Revocation of Efficient Attributes in Cloud Storage Services [J]. Computer Science, 2019, 46(7): 96-101.
[15] WU Dai-yue, LI Qiang, YU Xiang, HUANG Hai-jun. Client Puzzle Based Access Control Model in Public Blockchain [J]. Computer Science, 2019, 46(4): 129-136.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.