Proxy-assisted access control scheme of cloud data for smart cities

Personal Technologies - Volume 21 - Pages 937-947 - 2017
Kai Fan1, Junxiong Wang1, Xin Wang1, Yintang Yang2
1State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an, China
2Key Laboratory of Ministry of Education for Wide Band-Gap Semicon, Materials and Devices, Xidian University, Xi’an, China

Abstract

Security and privacy for smart cities have attracted much attention. As cloud computing can provide secure and reliable data storage and data sharing, it has become an important infrastructure for smart cities. However, in a cloud storage system, the cloud server cannot be fully trusted. Therefore, new solutions for access control of cloud data need to be proposed. In this paper, we construct a proxy-assisted access control scheme. We use ciphertext-policy attribute-based encryption (CP-ABE) to realize access control of cloud data for smart cities. Since the major computation of decryption is outsourced to the cloud server, our scheme can achieve efficient user decryption. We also present an efficient user and attribute revocation method for our scheme which achieves both forward security and backward security. Finally, we give a security and performance analysis of our scheme, which shows that our scheme is secure and highly efficient.
