检索结果-内蒙古大学图书馆

A secure and efficient ciphertext-policy attribute-based Proxy Re-encryption for cloud data sharing

FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE 2015年 52卷 95-108页

作者： Liang, Kaitai Au, Man Ho Liu, Joseph K. Susilo, Willy Wong, Duncan S. Yang, Guomin Yu, Yong Yang, Anjia City Univ Hong Kong Dept Comp Sci Hong Kong Hong Kong Peoples R China Hong Kong Polytech Univ Dept Comp Hong Kong Hong Kong Peoples R China ASTAR Inst Infocomm Res Singapore Singapore Univ Wollongong Sch Comp Sci & Software Engn Ctr Comp & Informat Secur Res Wollongong NSW 2522 Australia

Proxy Re-encryption (PRE) is a useful cryptographic primitive that allows a data owner to delegate the access rights of the encrypted data stored on a cloud storage system to others without leaking the information of the data to the honest-but-curious cloud server. It provides effectiveness for data sharing as the data owner even using limited resource devices (e.g. mobile devices) can offload most of the computational operations to the cloud. Since its introduction many variants of PRE have been proposed. A ciphertext-policy attribute-based Proxy Re-encryption (CP-ABPRE), which is regarded as a general notion for PRE, employs the PRE technology in the attribute-based encryption cryptographic setting such that the proxy is allowed to convert an encryption under an access policy to another encryption under a new access policy. CP-ABPRE is applicable to many network applications, such as network data sharing. The existing CP-ABPRE systems, however, leave how to achieve adaptive CCA security as an interesting open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle the problem by integrating the dual system encryption technology with selective proof technique. Although the new scheme supporting any monotonic access structures is built in the composite order bilinear group, it is proven adaptively CCA secure in the standard model without jeopardizing the expressiveness of access policy. We further make an improvement for the scheme to achieve more efficiency in the re-encryption key generation and re-encryption phases. (C) 2014 Elsevier B.V. All rights reserved.

关键词： ciphertext-policy attribute-based encryption ciphertext-policy attribute-based proxy re-encryption Adaptive chosen-ciphertext security

来源：评论

学校读者我要写书评

暂无评论

A Blockchain-based Access Control System for Cloud Storage

A Blockchain-Based Access Control System for Cloud Storage

引用

IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (ElConRus)

作者： Sukhodolskiy, Ilya Zapechnikov, Sergey Natl Res Nucl Univ MEPhI Dept Cryptol & Cybersecur Moscow Engn Phys Inst Moscow Russia

ISBN: (纸本)9781538643402

In this paper, we present a prototype of multi-user system for access control to datasets stored in an untrusted cloud environment. Cloud storage like any other untrusted environment needs the ability to secure share information. Our approach provides an access control over the data stored in the cloud without the provider participation. The main tool of access control mechanism is ciphertext-policy attribute-based encryption scheme with dynamic attributes. Using a blockchain-based decentralized ledger, our system provides immutable log of all meaningful security events, such as key generation, access policy assignment, change or revocation, access request. We propose a set of cryptographic protocols ensuring privacy of cryptographic operations requiring secret or private keys. Only ciphertexts of hash codes are transferred through the blockchain ledger. The prototype of our system is implemented using smart contracts and tested on Ethereum blockchain platform.

关键词： cloud storage attribute-based access control ciphertext-policy attribute-based encryption blockchain

来源：评论

学校读者我要写书评

暂无评论

Two-layer ciphertext-policy attribute-based Proxy Re-encryption for Supporting PHR Delegation 19

Two-layer Ciphertext-Policy Attribute-Based Proxy Re-encrypt...

引用

International Computer Science and Engineering Conference (ICSEC)

作者： Wungpornpaiboon, G. Vasupongayya, S. Prince Songkla Univ Fac Engn Dept Comp Engn Hat Yai 90112 Songkhla Thailand

ISBN: (纸本)9781467378253

Medical treatment sometimes requires a case forwarding to a doctor who has a specific expertise. Typically, an electronic medical record (EMS) of a patient can be passed to another doctor without asking the patient because EMS belongs to the healthcare organization. Personal health record (PHR), however, is different because PHR is owned by an individual (e.g., patient) and all accesses to the PHR is controlled by its owner. This work proposes a two-layer ciphertext-policy attribute-based proxy re-encryption scheme (2-layer CP-ABPRE) for the PHR delegation process. The inner layer policy belongs to the PHR owner while the outer layer policy belongs to the doctors or experts that might want to delegate the PHR to other doctors or experts. This way, the PHR can be delegated to others while the PHR owner still has the control on his/her data. The evaluation results on the size of the resulting ciphertext PHR produced by the proposed method, are shown. The security issues of the proposed method are also discussed.

关键词： delegation access control personal health record ciphertext-policy attribute-based encryption proxy re-encryption

来源：评论

学校读者我要写书评

暂无评论

Multi-keyword Ranked Searchable encryption Supporting CP-ABE Test

Multi-keyword Ranked Searchable Encryption Supporting CP-ABE...

引用

IEEE International Conference on Computing, Communications and IoT Applications

作者： Chuxin Wu Hongwei Liu Peng Zhang Yuhong Liu ATR Key Laboratory of National Defense Technology College of Electronics and Information Engineering Shenzhen University Shenzhen Technology University Department of Computer Engineering Santa Clara University

ISBN: (数字)9781728119731

ISBN: (纸本)9781728119748

Internet of Things (IoT) and cloud computing are promising technologies that change the way people communicate and live. As the data collected through IoT devices often involve users' private information and the cloud is not completely trusted, users' private data are usually encrypted before being uploaded to cloud for security purposes. Searchable encryption, allowing users to search over the encrypted data, extends data flexibility on the premise of security. In this paper, to achieve the accurate and efficient ciphertext searching, we present an efficient multi-keyword ranked searchable encryption scheme supporting ciphertext-policy attribute-based encryption (CP-ABE) test (MRSET). For efficiency, numeric hierarchy supporting ranked search is introduced to reduce the dimensions of vectors and matrices. For practicality, CP-ABE is improved to support access right test, so that only documents that the user can decrypt are returned. The security analysis shows that our proposed scheme is secure, and the experimental result demonstrates that our scheme is efficient.

关键词： Searchable encryption Multi-keyword search Ranked search ciphertext-policy attribute-based encryption cryptography Clouds Consumers Cloud Computing PREMISES access privileges Security Scheme

来源：评论

学校读者我要写书评

暂无评论

Multi-authority attribute-based encryption scheme with constant-size ciphertexts and user revocation

引用

CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE 2019年第21期31卷

作者： Zhang, Xiao Wu, Faguo Yao, Wang Wang, Zhao Wang, Wenhua Beihang Univ Sch Math & Syst Sci Beijing 100191 Peoples R China Beihang Univ Ecole Cent Pekin Sino French Engineer Sch Beijing Peoples R China Minist Educ Key Lab Math Informat & Behav Semant Beijing Peoples R China Beihang Univ Beijing Adv Innovat Ctr Big Data & Brain Comp Beijing Peoples R China AVIC Econ & Technol Res Estab Beijing Peoples R China

ciphertext-policy attribute-based encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage system. It gives data owners direct and flexible control on access policies. However, there still exists practicality concerns in CP-ABE applications, for example, the key escrow problem, user revocability, and large ciphertext size. Considering these problems, we propose a multi-authority attribute-based encryption scheme with constant-size ciphertexts and user revocation for threshold access policy in this paper. The security proof shows that the proposed scheme is selectively secure under the augmented multi-sequence of exponents decisional Diffie-Hellman assumption, and it also achieves forward security, backward security, and collusion-resistance.

关键词： ciphertext-policy attribute-based encryption multi-authority attribute-based encryption threshold access policy user revocation

来源：评论

学校读者我要写书评

暂无评论

Achieving Flexible and Self-Contained Data Protection in Cloud Computing

引用

IEEE ACCESS 2017年 5卷 1510-1523页

作者： Lang, Bo Wang, Jinmiao Liu, Yanxi Beihang Univ State Key Lab Software Dev Environm Beijing 100191 Peoples R China

For enterprise systems running on public clouds in which the servers are outside the control domain of the enterprise, access control that was traditionally executed by reference monitors deployed on the system servers can no longer be trusted. Hence, a self-contained security scheme is regarded as an effective way for protecting outsourced data. However, building such a scheme that can implement the access control policy of the enterprise has become an important challenge. In this paper, we propose a self-contained data protection mechanism called RBAC-CPABE by integrating role-based access control (RBAC), which is widely employed in enterprise systems, with the ciphertext-policy attribute-based encryption (CP-ABE). First, we present a data-centric RBAC (DC-RBAC) model that supports the specification of fine-grained access policy for each data object to enhance RBAC's access control capabilities. Then, we fuse DC-RBAC and CP-ABE by expressing DC-RBAC policies with the CP-ABE access tree and encrypt data using CP-ABE. Because CP-ABE enforces both access control and decryption, access authorization can be achieved by the data itself. A security analysis and experimental results indicate that RBAC-CPABE maintains the security and efficiency properties of the CP-ABE scheme on which it is based, but substantially improves the access control capability. Finally, we present an implemented framework for RBAC-CPABE to protect privacy and enforce access control for data stored in the cloud.

关键词： Role-based access control ciphertext-policy attribute-based encryption self-contained data protection cloud computing

来源：评论

学校读者我要写书评

暂无评论

Pairing-based CP-ABE with constant-size ciphertexts and secret keys for cloud environment

引用

COMPUTER STANDARDS & INTERFACES 2017年第Part1期54卷 3-9页

作者： Odelu, Vanga Das, Ashok Kumar Rao, Y. Sreenivasa Kumari, Saru Khan, Muhammad Khurram Choo, Kim-Kwang Raymond Indian Inst Technol Dept Math Kharagpur 721302 W Bengal India Int Inst Informat Technol Ctr Secur Theory & Algorithm Res Hyderabad 500032 Andhra Pradesh India Ch Charan Singh Univ Dept Math Meerut 250005 Uttar Pradesh India King Saud Univ Ctr Excellence Informat Assurance Riyadh 11451 Saudi Arabia China Univ Geosci Sch Comp Sci Wuhan 430074 Peoples R China Univ South Australia Sch Informat Technol & Math Sci Adelaide SA 5001 Australia Univ Texas San Antonio Dept Informat Syst & Cyber Secur San Antonio TX 78249 USA

ciphertext-policy attribute-based encryption (CP-ABE) scheme can be deployed in a mobile cloud environment to ensure that data outsourced to the cloud will be protected from unauthorized access. Since mobile devices are generally resource-constrained, CP-ABE schemes designed for a mobile cloud deployment should have constant sizes for secret keys and ciphertexts. However, most existing CP-ABE schemes do not provide both constant size ciphertexts and secret keys. Thus, in this paper, we propose a new pairing-based CP-ABE scheme, which offers both constant size ciphertexts and secret keys (CSCTSK) with an expressive AND gate access structure. We then show that the proposed CP-ABE-CSCTSK scheme is secure against chosen-ciphertext adversary in the selective security model, and present a comparative summary to demonstrate the utility of the scheme. (C) 2017 Elsevier B.V. All rights reserved.

关键词： ciphertext-policy attribute-based encryption Constant-size secret keys Constant-size ciphertexts Lightweight mobile devices Mobile cloud computing

来源：评论

学校读者我要写书评

暂无评论

Expressive CP-ABE Scheme for Mobile Devices in loT Satisfying Constant-Size Keys and ciphertexts

引用

IEEE ACCESS 2017年 5卷 3273-3283页

作者： Odelu, Vanga Das, Ashok Kumar Khan, Muhammad Khurram Choo, Kim-Kwang Raymond Jo, Minho Indian Inst Informat Technol Dept Comp Convergence Software Sricity 517588 India Int Inst Informat Technol Ctr Secur Theory & Algorithm Res Hyderabad 500032 Andhra Pradesh India King Saud Univ Ctr Excellence Informat Assurance Riyadh 12372 Saudi Arabia Univ Texas San Antonio Dept Informat Syst & Cyber Secur San Antonio TX 78249 USA Korea Univ Dept Comp Convergence Software Sejong Metropolitan City 30019 South Korea

Designing lightweight security protocols for cloud-based Internet-of-Things (IoT) applications for battery-limited mobile devices, such as smart phones and laptops, is a topic of recent focus. ciphertext-policy attribute-based encryption (CP-ABE) is a viable solution, particularly for cloud deployment, as an encryptor can "write" the access policy so that only authorized users can decrypt and have access to the data. However, most existing CP-ABE schemes are based on the costly bilinear maps, and require long decryption keys, ciphertexts and incur significant computation costs in the encryption and decryption (e.g. costs is at least linear to the number of attributes involved in the access policy). These design drawbacks prevent the deployment of CP-ABE schemes on battery-limited mobile devices. In this paper, we propose a new RSA-based CP-ABE scheme with constant size secret keys and ciphertexts (CSKC) and has O(1) time complexity for each decryption and encryption. Our scheme is then shown to be secure against a chosen-ciphertext adversary, as well as been an efficient solution with the expressive AND gate access structures (in comparison to other related existing schemes). Thus, the proposed scheme is suitable for deployment on battery-limited mobile devices.

关键词： Mobile devices cloud computing ciphertext-policy attribute-based encryption constant-size secret key constant-size ciphertext RSA-based cryptography

来源：评论

学校读者我要写书评

暂无评论

An Efficient Framework for Verifiable Access Control based Dynamic Data Updates in Public Cloud 13th

An Efficient Framework for Verifiable Access Control Based D...

引用

13th International Conference on Distributed Computing and Internet Technology (ICDCIT)

作者： Sabitha, S. Rajasree, M. S. Engn Coll Trivandrum Kerala India IIITM K Trivandrum Kerala India

ISBN: (纸本)9783319504728;9783319504711

attribute-based encryption enables the users to get the data only if attributes of the users are satisfied with the access policy embedded in the ciphertext. Whenever it is used in a collaborative environment, user's claim policy has to be verified before permitting them to update the data. In the existing system, it is verified by the computationally expensive attribute-based signature. We are proposing an efficient method to compute the signature of the encrypted message and claim policy, which enables claim policy verification and thereby allow the users to modify the data. In this system, public cloud server (PCS) permits the users to modify the outsourced data in the cloud after verifying the user's claim policy signature. It does not disclose the claim policy to the cloud service provider, PCS, and unauthorized users. Data owner is able to verify the integrity of the outsourced data set to ensure that the data is always intact with him. He can also validate the updated data by incorporating the signature. The proposed scheme is privacy preserving and avoids insider attack.

关键词： Cloud computing ciphertext-policy attribute-based encryption Remote data integrity Verification Authenticity

来源：评论

学校读者我要写书评

暂无评论

attribute-based encryption scheme supporting decryption outsourcing and attribute revocation in cloud storage 20

Attribute-based encryption scheme supporting decryption outs...

引用

20th IEEE International Conference on Computational Science and Engineering (CSE) / 15th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC)

作者： Liu, Hongwei Zhu, Ping Chen, Zehong Zhang, Peng Jiang, Zoe L. Shenzhen Univ Coll Informat Engn Shenzhen Peoples R China Shenzhen Univ Coll Informat Engn ATR Key Lab Natl Def Technol Shenzhen Peoples R China Harbin Insititute Technol Shenzhen Grad Sch Shenzhen Peoples R China Guangdong Prov Key Lab High Performance Comp Guangzhou Guangdong Peoples R China

ISBN: (纸本)9781538632215

Aiming to reduce the user's computational overhead and tackle the attribute revocation issue, an attribute-based encryption scheme supporting decryption outsourcing and attribute revocation is proposed in this paper. The proposed scheme outsources some decryption computational tasks to a cloud server such that the computational overhead on the user is simple and constant. We also propose an efficient attribute revocation method which concentrates on the update of the ciphertexts and users' secret keys associated with the corresponding revoked attributes. Moreover, the security analysis indicates that the proposed scheme can resist collusion attacks, and ensure forward and backward secrecy. Experiment results show that our scheme is more efficient compared with other scheme in the literature.

关键词： Cloud storage ciphertext-policy attribute-based encryption outsourced decryption attribute revocation

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：