Achieving revocable fine-grained cryptographic access control over cloud data
Attribute-based encryption (ABE) is well suited for finegrained access control for data residing on a cloud server. However, existing approaches for user revocation are not satisfactory. In this work, we propose a new approach which works by splitting an authorized user’s decryption capability betwe...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2013
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1968 https://ink.library.smu.edu.sg/context/sis_research/article/2967/viewcontent/101007_2F978_3_319_27659_5_21.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| Summary: | Attribute-based encryption (ABE) is well suited for finegrained access control for data residing on a cloud server. However, existing approaches for user revocation are not satisfactory. In this work, we propose a new approach which works by splitting an authorized user’s decryption capability between the cloud and the user herself. User revocation is attained by simply nullifying the decryption ability at the cloud, requiring neither key update nor re-generation of cloud data. We propose a concrete scheme instantiating the approach, which features lightweight computation at the user side. This makes it possible for users to use resource-constrained devices such as mobile phones to access cloud data. We implement our scheme, and also empirically evaluate its performance. |
|---|