Computer Science ›› 2016, Vol. 43 ›› Issue (3): 118-121.doi: 10.11896/j.issn.1002-137X.2016.03.024

Previous Articles     Next Articles

Multiple Permissions Secure Access Control Scheme Combining CP-ABE and XACML in Cloud Storage

LIU Xiao-jian, WANG Li-sheng and LIAO Xin-kao   

  • Online:2018-12-01 Published:2018-12-01

Abstract: In order to protect the confidentiality of user data and user privacy in cloud storage system,multiple permissions secure access control scheme combining ciphertext-policy attribute-based encryption(CP-ABE) and XACML was proposed.The confidentiality of user data is ensured by CP-ABE encryption and properties of fine-grained access control are implemented by XACML framework.In cloud storage system user data is encrypted by symmetric encryption mecha-nism,and symmetric key encryption uses the CP-ABE.Simulation results show that the model is efficient,flexible,and secure.Security analysis shows that the scheme can resist collusion attacks,has data confidentiality and backward forward confidentiality.

Key words: Cloud storage,Access control,Ciphertext-policy attribute-based encryption,XACML

[1] Larry D.Cloud computing hasn’t gone Fortune 500 yet,But it’s coming[EB/OL].(2008-03).
[2] Christian C,Idit K,Alexander S.Trusting the cloud[J].Acm Sigact News,2009,40(2):81-86
[3] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryptionfor fine-grained access control of encrypted data[C]∥Procee-dings of the 13th ACM Conference on Computer and Communications Security.New York:ACM,2006:89-98
[4] Bethencourt J,Sahai A,Waters B.Ciphertext-policy attribute-based encryption[C]∥IEEE Symposium on Security and Privacy.California,2007:321-334
[5] Pirretti M,Traynor P,McDaniel P,et al.Secure attribute-based systems[C]∥Proceedings of the 13th ACM conference on Computer and communications security.New York:ACM,2006:99-112
[6] Wang Peng-pian,Feng Deng-guo,Zhang Li-wu.CP-ABE Scheme Supporting Fully Fine-Grained Attribute Revocation[J].Journal of Software, 2012,23(10):2805-2816(in Chinese) 王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的 CP-ABE方案[J].软件学报,2012,23(10):2805-2816
[7] Li Ming,Yu Shu-cheng,Zheng Yao.Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption[J].Parallel and Distributed Systems,2013,4(1):131-143
[8] Brent W.Public Key Cryptography-PKC 2011[M].Berlin:Springer,2011:53-70
[9] 马恒太,李鹏飞,颜学雄,等.Web服务安全[M].北京:电子工业出版社,2007:280-319
[10] Niu De-hua,Ma Jian-feng,Ma Zhuo,et al.Enhanced cloud sto-rage access control scheme based on arrtibute[J].Journal on Communications, 2013,4(Z1):276-284(in Chinese) 牛德华,马建峰,马卓,等.基于属性的安全增强云存储访问控制方案[J].通信学报,2013,4(Z1):276-284
[11] Sun’s XACML Implementation[EB/OL].
[12] Advanced Crypto Software Collection[EB/OL].
[13] Chen Yan-li,Song Ling-ling,Yang Geng.Efficient Aceess Control Scheme Combining CP-ABE and SD in Cloud Computing[J].Computer Science,2014,1(9):152-157,8(in Chinese) 陈燕俐,宋玲玲,杨庚.基于CP-ABE和SD的高效云计算访问控制方案[J].计算机科学,2014,1(9):152-157,8

No related articles found!
Full text



No Suggested Reading articles found!