Computer Science, 2018, Vol. 45, Issue (8): 134-140. doi: 10.11896/j.issn.1002-137X.2018.08.024

• Information Security •

Attribute-based Revocation Scheme in Cloud Computing Environment

ZHANG Guang-hua (1,2), LIU Hui-meng (2), CHEN Zhen-guo (3)

  1. State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an 710071, China
  2. College of Information Science and Engineering, Hebei University of Science and Technology, Shijiazhuang 050000, China
  3. Hebei Engineering Technology Research Center for IOT Data Acquisition & Processing, North China Institute of Science and Technology, Sanhe, Hebei 065201, China
  • Received: 2017-06-13 Online: 2018-08-29 Published: 2018-08-29

Abstract: To address the problem of revoking access rights to data shared under ciphertext-policy attribute-based encryption in the cloud environment, an attribute-based revocation scheme is proposed. In the scheme, a trusted third party searches the attribute set of a user, identified by a global identity, for the attributes that satisfy the ciphertext access structure, generates a key component bound to the same global identity for each attribute in the intersection, and forms the user's private key by combining these key components. When a revocation occurs, the scheme updates the key component of the revoked user attribute and distributes the updated component to the other users who hold the same attribute. At the same time, a corresponding re-encryption key is generated and the ciphertext is re-encrypted in the cloud environment. The security analysis and experiments show that the scheme is secure against chosen-plaintext attacks, effectively realizes real-time revocation of attributes, and solves the synchronization problem of multi-authority key distribution. A hash function is used to make the ciphertext length constant, thus reducing the resource cost and meeting the security requirements of applications in real cloud environments.

Key words: Attribute encryption, Attribute revocation, Cloud environment, Resource overhead, Single trusted third party

CLC Number: TP309.2