Attribute-based encryption with granular revocation
Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by specifying access policies over attributes associated with private keys or ciphertexts, which is a promising solution to protect data privacy in cloud storage services. As an encryption system that involves m...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2016
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/3399 https://ink.library.smu.edu.sg/context/sis_research/article/4400/viewcontent/Attribute_based_encryption_with_granular_revocation.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-4400 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-44002020-03-30T05:37:05Z Attribute-based encryption with granular revocation CUI, Hui DENG, Robert H., DING, Xuhua Yingjiu LI, Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by specifying access policies over attributes associated with private keys or ciphertexts, which is a promising solution to protect data privacy in cloud storage services. As an encryption system that involves many data users whose attributes might change over time, it is essential to provide a mechanism to selectively revoke data users’ attributes in an ABE system. However, most of the previous revokable ABE schemes consider how to disable revoked data users to access (newly) encrypted data in the system, and there are few of them that can be used to revoke one or more attributes of a data user while keeping this user active in the system. Due to this observation, in this paper, we focus on designing ABE schemes supporting selective revocation, i.e., a data user’s attributes can be selectively revoked, which we call ABE with granular revocation (ABE-GR). Our idea is to utilize the key separation technique, such that for any data user, key elements corresponding to his/her attributes are generated separately but are linkable to each other. To begin with, we give a basic ABE-GR scheme to accomplish selective revocation using the binary tree data structure. Then, to further improve the efficiency, we present a server-aided ABE-GR scheme, where an untrusted server is introduced to the system to mitigate data users’ workloads during the key update phase. Both of the ABE-GR constructions are formally proved to be secure under our defined security model. 2016-10-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3399 info:doi/10.1007/978-3-319-59608-2_9 https://ink.library.smu.edu.sg/context/sis_research/article/4400/viewcontent/Attribute_based_encryption_with_granular_revocation.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University granular revocation ABE efficiency cloud storage Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
granular revocation ABE efficiency cloud storage Information Security |
| spellingShingle |
granular revocation ABE efficiency cloud storage Information Security CUI, Hui DENG, Robert H., DING, Xuhua Yingjiu LI, Attribute-based encryption with granular revocation |
| description |
Attribute-based encryption (ABE) enables an access control mechanism over encrypted data by specifying access policies over attributes associated with private keys or ciphertexts, which is a promising solution to protect data privacy in cloud storage services. As an encryption system that involves many data users whose attributes might change over time, it is essential to provide a mechanism to selectively revoke data users’ attributes in an ABE system. However, most of the previous revokable ABE schemes consider how to disable revoked data users to access (newly) encrypted data in the system, and there are few of them that can be used to revoke one or more attributes of a data user while keeping this user active in the system. Due to this observation, in this paper, we focus on designing ABE schemes supporting selective revocation, i.e., a data user’s attributes can be selectively revoked, which we call ABE with granular revocation (ABE-GR). Our idea is to utilize the key separation technique, such that for any data user, key elements corresponding to his/her attributes are generated separately but are linkable to each other. To begin with, we give a basic ABE-GR scheme to accomplish selective revocation using the binary tree data structure. Then, to further improve the efficiency, we present a server-aided ABE-GR scheme, where an untrusted server is introduced to the system to mitigate data users’ workloads during the key update phase. Both of the ABE-GR constructions are formally proved to be secure under our defined security model. |
| format |
text |
| author |
CUI, Hui DENG, Robert H., DING, Xuhua Yingjiu LI, |
| author_facet |
CUI, Hui DENG, Robert H., DING, Xuhua Yingjiu LI, |
| author_sort |
CUI, Hui |
| title |
Attribute-based encryption with granular revocation |
| title_short |
Attribute-based encryption with granular revocation |
| title_full |
Attribute-based encryption with granular revocation |
| title_fullStr |
Attribute-based encryption with granular revocation |
| title_full_unstemmed |
Attribute-based encryption with granular revocation |
| title_sort |
attribute-based encryption with granular revocation |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2016 |
| url |
https://ink.library.smu.edu.sg/sis_research/3399 https://ink.library.smu.edu.sg/context/sis_research/article/4400/viewcontent/Attribute_based_encryption_with_granular_revocation.pdf |
| _version_ |
1770573159442939904 |