A cloud-based access control scheme with user revocation and attribute update

Peng Zhang; Zehong Chen; Kaitai Liang; Shulan Wang; Ting Wang

doi:10.1007/978-3-319-40253-6_32

A cloud-based access control scheme with user revocation and attribute update

Peng Zhang^*, Zehong Chen, Kaitai Liang, Shulan Wang, Ting Wang

^*Corresponding author for this work

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

21 Citations (Scopus)

Abstract

Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption.

Original language	English
Title of host publication	Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings
Publisher	Springer Verlag
Pages	525-540
Number of pages	16
Volume	9722
ISBN (Print)	9783319402529
DOIs	https://doi.org/10.1007/978-3-319-40253-6_32
Publication status	Published - 2016
MoE publication type	A4 Article in a conference publication
Event	Australasian Conference on Information Security and Privacy - Melbourne, Australia Duration: 4 Jul 2016 → 6 Jul 2016 Conference number: 21

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9722
ISSN (Print)	03029743
ISSN (Electronic)	16113349

Conference

Conference	Australasian Conference on Information Security and Privacy
Abbreviated title	ACISP
Country	Australia
City	Melbourne
Period	04/07/2016 → 06/07/2016

Keywords

Access control
Attribute update
Attribute-based encryption
Cloud
User revocability

Access to Document

10.1007/978-3-319-40253-6_32

Link to publication in Scopus

Fingerprint Dive into the research topics of 'A cloud-based access control scheme with user revocation and attribute update'. Together they form a unique fingerprint.

Cite this

Zhang, P., Chen, Z., Liang, K., Wang, S., & Wang, T. (2016). A cloud-based access control scheme with user revocation and attribute update. In Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings (Vol. 9722, pp. 525-540). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9722). Springer Verlag. https://doi.org/10.1007/978-3-319-40253-6_32

Zhang, Peng ; Chen, Zehong ; Liang, Kaitai ; Wang, Shulan ; Wang, Ting. / A cloud-based access control scheme with user revocation and attribute update. Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings. Vol. 9722 Springer Verlag, 2016. pp. 525-540 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{542b58b928144a80808efde1860eb6c5,

title = "A cloud-based access control scheme with user revocation and attribute update",

abstract = "Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption.",

keywords = "Access control, Attribute update, Attribute-based encryption, Cloud, User revocability",

author = "Peng Zhang and Zehong Chen and Kaitai Liang and Shulan Wang and Ting Wang",

year = "2016",

doi = "10.1007/978-3-319-40253-6_32",

language = "English",

isbn = "9783319402529",

volume = "9722",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "525--540",

booktitle = "Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings",

address = "Germany",

note = "Australasian Conference on Information Security and Privacy , ACISP ; Conference date: 04-07-2016 Through 06-07-2016",

}

Zhang, P, Chen, Z, Liang, K, Wang, S & Wang, T 2016, A cloud-based access control scheme with user revocation and attribute update. in Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings. vol. 9722, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9722, Springer Verlag, pp. 525-540, Australasian Conference on Information Security and Privacy , Melbourne, Australia, 04/07/2016. https://doi.org/10.1007/978-3-319-40253-6_32

A cloud-based access control scheme with user revocation and attribute update. / Zhang, Peng; Chen, Zehong; Liang, Kaitai; Wang, Shulan; Wang, Ting.

Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings. Vol. 9722 Springer Verlag, 2016. p. 525-540 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9722).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - A cloud-based access control scheme with user revocation and attribute update

AU - Zhang, Peng

AU - Chen, Zehong

AU - Liang, Kaitai

AU - Wang, Shulan

AU - Wang, Ting

N1 - Conference code: 21

PY - 2016

Y1 - 2016

N2 - Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption.

AB - Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policy for cloud-based data sharing. However, the user revocation and attribute update problems existing in CP-ABE systems that are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, the user revocation is defined in the identity-based setting that does not conflict our attribute-based design. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption.

KW - Access control

KW - Attribute update

KW - Attribute-based encryption

KW - Cloud

KW - User revocability

UR - http://www.scopus.com/inward/record.url?scp=84978193824&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-40253-6_32

DO - 10.1007/978-3-319-40253-6_32

M3 - Conference contribution

AN - SCOPUS:84978193824

SN - 9783319402529

VL - 9722

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 525

EP - 540

BT - Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings

PB - Springer Verlag

T2 - Australasian Conference on Information Security and Privacy

Y2 - 4 July 2016 through 6 July 2016

ER -

Zhang P, Chen Z, Liang K, Wang S, Wang T. A cloud-based access control scheme with user revocation and attribute update. In Information Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings. Vol. 9722. Springer Verlag. 2016. p. 525-540. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-40253-6_32