Computer Science ›› 2017, Vol. 44 ›› Issue (2): 176-176.doi: 10.11896/j.issn.1002-137X.2017.02.027

Previous Articles     Next Articles

MA-ABE Access Control Scheme in Cloud Storage

LI Xie-hua, ZHOU Mao-ren and LIU Ting   

  • Online:2018-11-13 Published:2018-11-13

Abstract: In order to improve the security and efficiency of cross-domain data access in cloud storage,this paper pro-posesd a multi-authority attribute-based encryption (MA-ABE) access control scheme.The new scheme uses split-key to guarantee the security of users’ secret key.In addition,proxy re-encryption is used to load most of the re-encryption to the cloud server when revocation occurs,which can minimize the computation cost for the data owner (DO).The splited secret key components are generated and distributed by the DO and attribute authorities (AA) respectively without using their global identifier (GID),which can prevent authorities collusion attack.Finally,theoretical analysis has been provided to prove that the new scheme is secure and has high performance on revocation.

Key words: Multi-authority,MA-ABE,Data access control,Access tree

[1] SAHAI A,WATERS B.Fuzzy identity-based encryption[C]∥Proc of Advances in Cryptology-EUROCRYPT’05.Aarhus,Springer Berlin Heidelberg,2005:457-473.
[2] BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy Attribute-based Encryption[C]∥Proc of IEEE Symposium Security and Privacy.Berkeley,CA,IEEE,2007:321-334.
[3] WATERS B.Ciphertext-policy attribute-based encryption:Anexpressive,efficient,and provably secure realization[C]∥Proc of PKC’11.Taormina,Italy,Springer Berlin Heidelberg,2011:53-70.
[4] GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥Proc of ACM Conference on Computer and Communications Security.Virginia,ACM,2006:89-98.
[5] HUR J,NOH D K.Attribute-based access control with efficient revocation in data outsourcing systems[J].IEEE Transactions on Parallel and Distributed Systems,2011,2(7):1214-1221.
[6] CHEUNG L,NEWPORT C.Provably secure ciphertext policyabe[C]∥CCS’07.New York,NY,USA:ACM,2007:456-465.
[7] LIANG X H,LU R D,et al.Ciphertext-policy At tribute Based Encryption with Efficient Revocation[R].Technical Report,University of Waterloo,2010.
[8] CHASE M.Multi-authority attribute based encryption[C]∥Proc of Cryptography Conference on Theory of Cryptography (TCC’07).Amsterdam,Springer Berlin Heidelberg,2007:515-534.
[9] LIN H,CAO Z F,LIANG X.Secure threshold multi-authorityattribute-based encryption without a central authority[C]∥Proc of International Conference on Cryptology.India,Springer Berlin Heidelberg,2008:426-436.
[10] LEWKO A,WATERS B.Decentralizing attribute-based encryption[C]∥Proc of International Conference on the Theory and Applications of Cryptographic Techniques.Tallinn,Springer Berlin Heidelberg,2011:568-588.
[11] YU S C,WANG C,REN K,et al.Achiving secure,scalable,and fine-grained data access control in cloud computing [C]∥Proceedings of IEEE INFOCOM 2010.San Diego,CA,2010.
[12] YANG K,JIA X H,REN K.DAC-MACS:Effective Date Access Control for Multi-Authority Cloud Storage Systems[J].IEEE Transactions on Information Forensics and Security,IEEE,2013,8(11):1790-1801.
[13] LI J,REN K,ZHU B,et al.Privacy-aware attribute-based encryption with user accountability[M]∥Lecture Notes in Computer Science,ISC’09.Springer,vol.5735,2009:347-362.
[14] YANG K,JIA X H.Expressive,Efficient and Revocable DataAccess Control for Multi-Authority Cloud Storage[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(7):1735-1744.
[15] YANG K,JIA X H.Attribute-based Access Control for Multi-Authority System in Cloud Storage[C]∥Proc of International Conference on Distributed Computing Systems (ICDCS).Macau,IEEE,2012:536-545.
[16] EISSA T,CHO G H.A Fine Grained Access Control and Flexible Revocation Scheme for Data Security on Public Cloud Sto-rage Service[C]∥2012 International Conference on Cloud Computing Technologies,Applications and Management(ICCCTAM).Dubai,2012:27-33.
[17] BENALOH J,LEKCHTER J.Generalized secret sharing andmonotone functions[C]∥Proc of Crypto’88,Lecture Notes in Computer Science.Springer-Verlag,Berlin,1989:213-222.
[18] SUSHMITA R,AMIYA N,IVAN S.DACC:Distributed Access Control in Clouds[C]∥Proc of IEEE TrustCom.Changsha,IEEE,2011:91-98.
[19] BETHENCOURT J,SAHAI A,WATERS B.The cpabe toolkit .

No related articles found!
Full text



[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .