检索结果-内蒙古大学图书馆

Large Universe CCA2 CP-ABE With Equality and Validity Test in the Standard Model

COMPUTER JOURNAL 2021年第4期64卷 509-533页

作者： Li, Cong Shen, Qingni Xie, Zhikang Feng, Xinyu Fang, Yuejian Wu, Zhonghai Peking Univ Sch Software & Microelect Beijing 102600 Peoples R China Peking Univ Natl Engn Res Ctr Software Engn Beijing 100871 Peoples R China

attribute-based encryption with equality test (ABEET) simultaneously supports fine-grained access control on the encrypted data and plaintext message equality comparison without decrypting the ciphertexts. Recently, there have been several literatures about ABEET proposed. Nevertheless, most of them explore the ABEET schemes in the random oracle model, which has been pointed out to have many defects in practicality. The only existing ABEET scheme in the standard model, proposed by Wang et al., merely achieves the indistinguishable against chosen-plaintext attack security. Considering the aforementioned problems, in this paper, we propose the first direct adaptive chosen-ciphertext security ciphertext-policy ABEET scheme in the standard model. Our method only adopts a chameleon hash function and adds one dummy attribute to the access structure. Compared with the previous works, our scheme achieves the security improvement, ciphertext validity check and large universe. Besides, we further optimize our scheme to support the outsourced decryption. Finally, we first give the detailed theoretical analysis of our constructions in computation and storage costs, then we implement our constructions and carry out a series of experiments. Both results indicate that our constructions are more efficient in Setup and Trapdoor and have the shorter public parameters than the existing ABEET ones do.

关键词： ciphertext-policy attribute-based encryption equality test the standard model adaptive chosen-ciphertext security

来源：评论

学校读者我要写书评

暂无评论

An enhanced traceable CP-ABE scheme against various types of privilege leakage in cloud storage

引用

JOURNAL OF SYSTEMS ARCHITECTURE 2023年第1期136卷

作者： He, Xu Li, Lixiang Peng, Haipeng Beijing Univ Posts & Telecommun Informat Secur Ctr State Key Lab Networking & Switching Technol Beijing 100876 Peoples R China Beijing Univ Posts & Telecommun Natl Engn Lab Disaster Backup & Recovery Beijing 100876 Peoples R China

Cloud storage can save not only local storage costs but also provide data-sharing services. ciphertext-policy attribute-based encryption (CP-ABE) can work as the underlying engine for cloud storage since it supports one -to-many encryption and fine-grained access control. To prevent users from disclosing their access permissions, we can apply traceable CP-ABE systems. There are two kinds of traceability: white-box traceability and black-box traceability. White-box traceability is simple and efficient, but it cannot support black-box tracing;black-box traceability supports white-box tracing, but its operations are usually cumbersome. So, these two kinds of traceability are unable (or unsuitable) to solve each other's problems. However, in cloud storage applications, users may leak their privileges in various ways, which means the underlying CP-ABE system should have multiple traceability. Unfortunately, the current traceable CP-ABE schemes only support single traceability. Therefore, we propose a novel CP-ABE scheme with enhanced traceability. It intertwines white -box and black-box traceability together securely and efficiently, which makes it more targeted and simpler to solve distinct tracing problems than previous schemes. Moreover, the proposed scheme has scalability, flexible policy expressiveness, and certain advantages in computing performance.

关键词： Cloud storage Privilege leakage ciphertext-policy attribute-based encryption Black-box traceability White-box traceability

来源：评论

学校读者我要写书评

暂无评论

Poly-ABE: A traceable and revocable fully hidden policy CP-ABE scheme for integrated demand response in multi-energy systems

引用

JOURNAL OF SYSTEMS ARCHITECTURE 2023年 143卷

作者： Xue, Jingting Shi, Lingjie Zhang, Wenzheng Li, Wenyi Zhang, Xiaojun Zhou, Yu Southwest Petr Univ Sch Comp Sci Res Ctr Cyber Secur Chengdu 610500 Peoples R China 30th Res Inst China Elect Sci & Technol Grp Corp Key Lab Confidential Commun Chengdu 610041 Peoples R China

Demand response is a crucial measure in multi-energy systems (MESs) that encourages energy service providers (ESPs) to engage with energy users (EUs). In the energy internet, EUs can match their energy source requirements through integrated demand response (IDR). However, such permissionless retrieval of energy data compromises the privacy of ESPs and exposes the energy consumption data of EUs. To address this, we propose a traceable, revocable fully hidden policy CP-ABE scheme called Poly-ABE for a data-driven IDR model in MESs, which allows registered EUs to request data and ESPs to authorize data decryption. Poly-ABE features fine-grained access policies using a matrix, coupled with hidden vector encryption to fully hide the policies. Matrix policies offer flexible and complex authorization rules with lower cost. Moreover, Poly-ABE constructs a decryption permission binary tree (DPBT) to identify the attribute permissions of EUs. If malicious behavior is detected, the DPBT is used to determine a minimum set of tree nodes to pinpoint malicious nodes. We rigorously demonstrate that Poly-ABE is selectively secure against selective access policy and chosen plaintext attacks. The experimental results substantiate the feasibility of Poly-ABE, highlighting its pre-authentication, traceability, revocation, and update capabilities.

关键词： ciphertext-policy attribute-based encryption (CP-ABE) Fully hidden policy Decryption permission revocation Multi-energy system Data-driven IDR

来源：评论

学校读者我要写书评

暂无评论

A fully distributed hierarchical attribute-based encryption scheme

引用

THEORETICAL COMPUTER SCIENCE 2020年 815卷 25-46页

作者： Ali, Mohammad Mohajeri, Javad Sadeghi, Mohammad-Reza Liu, Ximeng Amirkabir Univ Technol Dept Math & Comp Sci Tehran Iran Sharif Univ Technol Elect Res Inst Tehran Iran Fuzhou Univ Coll Math & Comp Sci Fuzhou 350108 Peoples R China Singapore Management Univ Sch Informat Syst Singapore 178902 Singapore

With the development of cloud computing, many enterprises have been interested in outsourcing their data to cloud servers to decrease IT costs and rise capabilities of provided services. To afford confidentiality and fine-grained data access control, attribute-based encryption (ABE) was proposed and used in several cloud storage systems. However, scalability and flexibility in key delegation and user revocation mechanisms are primary issues in ABE systems. In this paper, we introduce the concept of a fully distributed revocable ciphertext-policy hierarchical ABE (FDR-CP-HABE) and design the first FDR-CP-HABE scheme. Our scheme offers a high level of flexibility and scalability in the key delegation and user revocation phases. Moreover, our scheme is efficient and provides lightweight computation in the decryption phase. Indeed, by exploiting a computation outsourcing technique, most of the operations are executed by the powerful cloud server, and very few computations are left to the users. Also, the storage cost on the user side is significantly decreased as compared to similar schemes. Furthermore, using the hardness assumption of DBDH problem, we prove that our scheme is adaptively secure in the standard model. Our security analyses and implementation results indicate that our scheme is efficient, secure, and scalable. (C) 2020 Elsevier B.V. All rights reserved.

关键词： Cloud computing Hierarchical attribute-based encryption ciphertext-policy attribute-based encryption Access control

来源：评论

学校读者我要写书评

暂无评论

attribute-based Keyword Search over Hierarchical Data in Cloud Computing

引用

IEEE TRANSACTIONS ON SERVICES COMPUTING 2020年第6期13卷 985-998页

作者： Miao, Yinbin Ma, Jianfeng Liu, Ximeng Li, Xinghua Jiang, Qi Zhang, Junwei Xidian Univ Dept Cyber Engn Xian 710071 Peoples R China Singapore Management Univ Dept Informat Syst 80 Stamford Rd Singapore 188065 Singapore

Searchable encryption (SE) has been a promising technology which allows users to perform search queries over encrypted data. However, the most of existing SE schemes cannot deal with the shared records that have hierarchical structures. In this paper, we devise a basic cryptographic primitive called as attribute-based keyword search over hierarchical data (ABKS-HD) scheme by using the ciphertext-policy attribute-based encryption (CP-ABE) technique, but this basic scheme cannot satisfy all the desirable requirements of cloud systems. The facts that the single keyword search will yield many irrelevant search results and the revoked users can access the unauthorized data with the old or outdated secret keys make this basic scheme not scale well in practice. To this end, we also propose two improved schemes (ABKS-HD-I, ABKS-HD-II) for the sake of supporting multi-keyword search and user revocation, respectively. In contrast with the state-of-the-art attribute-based keyword search (ABKS) schemes, the computation overhead of our schemes almost linearly increases with the number of users' attributes rather than the number of attributes in systems. Formal security analysis proves that our schemes are secure against both chosen-plaintext attack (CPA) and chosen-keyword attack (CKA) in the random oracle model. Furthermore, empirical study using a real-world dataset shows that our schemes are feasible and efficient in practical applications.

关键词： Cloud computing Keyword search Logic gates encryption Servers Searchable encryption hierarchical structures ciphertext-policy attribute-based encryption chosen-plaintext attack chosen-keyword attack

来源：评论

学校读者我要写书评

暂无评论

attribute-based Weighted Keyword Search Scheme Supporting Multi-Search Mechanism in Fog Computing 7

Attribute-Based Weighted Keyword Search Scheme Supporting Mu...

引用

7th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud) / 6th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom)

作者： Wang, Shulan Li, Yuan Wang, Haiyan Zhang, Xi Chen, Jianyong Shenzhen Univ Coll Comp Sci & Software Engn Shenzhen Peoples R China Shenzhen Technol Univ Coll Big Data & Internet Shenzhen Peoples R China Peng Cheng Lab Cyberspace Secur Res Ctr Shenzhen Peoples R China

ISBN: (纸本)9781728165509

With the popularity of intelligent terminal, fog computing as a new generation of internet technology can integrate the computing power of terminals and improve the effective utilization of social resources. At the same time, more and more data owners store ciphertext in the network. Hence, the advent of searchable encryption (SE) scheme enables searchers to search ciphertext without downloading all of it. However, the existing SE scheme cannot identify the matching degree of keywords and ciphertext. Besides, these schemes can only provide one or two search mechanism. In this paper, we propose a ciphertext-policy attribute-based weighted keyword searchable encryption scheme (ABWKS-MSM) in fog computing in order to solve the matching degree issue and provide multi-search mechanism, so that it becomes more friendly to fog computing applications. Furthermore, the proposed weighted keyword model can reduce the computational and storage cost. Finally, the performance analysis is also given, which proves that our scheme is efficient and feasible in fog computing.

关键词： Data security Searchable encryption Multi-search mechanism ciphertext-policy attribute-based encryption Fog computing

来源：评论

学校读者我要写书评

暂无评论

TATIS: Trustworthy APIs for Threat Intelligence Sharing with UMA and CP-ABE 12th

TATIS: Trustworthy APIs for Threat Intelligence Sharing with...

引用

12th International Symposium on Foundations and Practice of Security (FPS)

作者： Preuveneers, Davy Joosen, Wouter Katholieke Univ Leuven Imec DistriNet Celestijnenlaan 200A B-3001 Heverlee Belgium

ISBN: (纸本)9783030453718;9783030453701

Threat intelligence platforms offer cyber emergency teams and security stakeholders access to sightings of cyberthreats and indicators of compromise. Given the sensitivity of the information, access may be restricted to certain members within an organization, offered to the general public, or anything in between. Service providers that host such platforms typically expose APIs for threat event producers and consumers, and to enable interoperability with other threat intelligence platforms. Not only is API security a growing concern, the implied trust by threat event producers and consumers in the platform provider remains a non-trivial challenge. This paper addresses these challenges by offering protection against honest but curious platform providers, and putting the access control back into the hands of the owner or producer of the threat events. We present TATIS, a solution for fine-grained access control to protect threat intelligence APIs using User Managed Access (UMA) and ciphertext-policy attribute-based encryption (CP-ABE). We test the feasibility of our solution using the Malware Information Sharing Platform (MISP). We validate our contribution from a security and privacy point of view. Experimental evaluation on a real-world OSINT threat intelligence dataset illustrates our solution imposes an acceptable performance overhead on the latency of API requests.

关键词： Threat intelligence API security User Managed Access ciphertext-policy attribute-based encryption

来源：评论

学校读者我要写书评

暂无评论

CP-ABE Scheme Satisfying Constant-size Keys based on ECC 17

CP-ABE Scheme Satisfying Constant-size Keys based on ECC

引用

17th International Joint Conference on E-Business and Telecommunications (SECRYPT)

作者： Raj, Nishant Pais, Alwyn Roshan Natl Inst Technol Karnataka Dept Comp Sci & Engn Surathkal Karnataka India

ISBN: (纸本)9789897584466

Cloud-based applications, especially on IoT devices, is one of the desired fields to apply ciphertext-policy attribute-based encryption (CP-ABE). Most of the IoT devices are with the low-end configuration;hence, they need better time and computation efficient algorithms. There are existing algorithms, but none of the systems are based on conventional cryptosystems as well as secure at the same time. Here, we propose a CP-ABE scheme based on the elliptic curve cryptosystem with a constant-size secret key, which is capable of addressing the collusion attack security issue.

关键词： ciphertext-policy attribute-based encryption Elliptic Curve based Cryptography Cloud Computing Security Constant-size Secret Key

来源：评论

学校读者我要写书评

暂无评论

ACS-HCA:An Access Control Scheme Under Hierarchical Cryptography Architecture

引用

Chinese Journal of Electronics 2019年第1期28卷 52-61页

作者： SHI Jiaoli HUANG Chuanhe HE Kai SHEN Xieyang State Key Lab of Software Engineering Computer SchoolWuhan University Collaborative Innovation Center of Geospatial Technology Jiujiang University Wuhan Textile University

Binding access policies to data,ciphertext-policy attribute-based encryption(CP-ABE)enables data access control to be independent from a certain application and lets users face data directly. It is regarded as one of the most suitable access control methods in cloud storage system and gets the attention of extensive researches. In those researches, Hierarchical cryptography architecture(HCA) is often applied to improve the efficiency of the system. There exist two open issues: illegal leakage of symmetric keys and low efficiency of revocation of an attribute of a user. We propose an Access control scheme under Hierarchical cryptography architecture(ACS-HCA). In this scheme,key derivation mechanism and forward derivation function are used to avoid the leakage of symmetric keys, All-orNothing transform is used to prevent the illegal reuse of symmetric keys, and attribute revocation is realized without re-issuing other users’ private keys. Analyses and simulations demonstrate that our scheme sustains less encrypting cost on each owner and less decrypting cost on each user, but gain high efficiency in revocation of an attribute of a user.

关键词： Cloud storage Access control ciphertext-policy attribute-based encryption Hierarchical cryptography architecture attribute revocation

来源：评论

学校读者我要写书评

暂无评论

AC-AC: Dynamic revocable access control for acute care teams to access medical records

引用

Smart Health 2021年 20卷

作者： T. de Oliveira, Marcela Dang, Hai-Van A. Reis, Lúcio H. Marquering, Henk A. D. Olabarriaga, Sílvia Amsterdam University Medical Centers – University of Amsterdam Amsterdam Netherlands University of Westminster London United Kingdom

Acute care demands the collaboration of multiple healthcare professionals and various organisations. During an emergency, the availability of Electronic Medical Records (EMR) allows acute care teams to access a patient's data promptly, which facilitates the decision-making process. Cloud solutions offer an environment to store and share patients' EMR. However, security and privacy issues arise, which affect the availability of the patients' EMR. Inspired by a hybrid encryption scheme combining Dynamic index-based Symmetric Searchable encryption (DSSE) and attribute-based encryption (ABE), we proposed the data Access Control for Acute Care teams (AC-AC). AC-AC is a dynamic revocable access control protocol that enables break-glass access for an authorised member of an acute care team that is treating the patient. The proposed protocol allows a team to grant and revoke access for other teams to the patient's EMR dynamically according to the treatment's demands. We present a formal security analysis proving that AC-AC protocol is resilient to multiple attacks. Finally, we analysed the overhead in time complexity for the protocol execution and experimented with each algorithm. The experimental expected execution time for the AC-AC algorithms was below 170 ms, therefore feasible for an acute care timeline. © 2021 The Authors

关键词： Break-glass access ciphertext-policy attribute-based encryption Electronic medical records Emergency care Searchable symmetric encryption

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：