Server-aided bilateral access control for secure data sharing with dynamic user groups
As a versatile technique, cloud-fog computing extends the traditional cloud server to offer various on-demand data services. Maintaining data confidentiality is one of the most crucial requirements for data services, many cryptosystems have been proposed to reserve information privacy against such a...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2021
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/6818 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-7821 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-78212022-01-27T03:48:03Z Server-aided bilateral access control for secure data sharing with dynamic user groups XU, Shengmin NING, Jianting HUANG, Xinyi ZHOU, Jianying DENG, Robert H. As a versatile technique, cloud-fog computing extends the traditional cloud server to offer various on-demand data services. Maintaining data confidentiality is one of the most crucial requirements for data services, many cryptosystems have been proposed to reserve information privacy against such an untrusted environment. However, in cloud-fog computing, how to confidentially and efficiently share data and fetch desirable data without expensive data decryption for resource-constrained end-devices is challenging. In this paper, we propose a cloud-fog system for the Internet-of-Things (IoT) ecosystem by introducing a cryptographic primitive called server-aided revocable bilateral attribute-based encryption (SRB-ABE). Our solution is a secure and lightweight bilateral access control system with dynamic user groups, including (1) fine-grained data user and data owner access control simultaneously; (2) outsourced data source identification; (3) server-aided user revocation with publicly updatable ciphertexts; and (4) lightweight data decryption mechanism with one exponentiation computation. We present the formal definition and concrete construction of SRB-ABE with security proofs to build cloud-fog systems. The extensive comparison and experimental analysis demonstrate that our construction has superior functionality and comparable performance than the most relevant solutions. 2021-09-01T07:00:00Z text https://ink.library.smu.edu.sg/sis_research/6818 info:doi/10.1109/TIFS.2021.3113516 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security XU, Shengmin NING, Jianting HUANG, Xinyi ZHOU, Jianying DENG, Robert H. Server-aided bilateral access control for secure data sharing with dynamic user groups |
| description |
As a versatile technique, cloud-fog computing extends the traditional cloud server to offer various on-demand data services. Maintaining data confidentiality is one of the most crucial requirements for data services, many cryptosystems have been proposed to reserve information privacy against such an untrusted environment. However, in cloud-fog computing, how to confidentially and efficiently share data and fetch desirable data without expensive data decryption for resource-constrained end-devices is challenging. In this paper, we propose a cloud-fog system for the Internet-of-Things (IoT) ecosystem by introducing a cryptographic primitive called server-aided revocable bilateral attribute-based encryption (SRB-ABE). Our solution is a secure and lightweight bilateral access control system with dynamic user groups, including (1) fine-grained data user and data owner access control simultaneously; (2) outsourced data source identification; (3) server-aided user revocation with publicly updatable ciphertexts; and (4) lightweight data decryption mechanism with one exponentiation computation. We present the formal definition and concrete construction of SRB-ABE with security proofs to build cloud-fog systems. The extensive comparison and experimental analysis demonstrate that our construction has superior functionality and comparable performance than the most relevant solutions. |
| format |
text |
| author |
XU, Shengmin NING, Jianting HUANG, Xinyi ZHOU, Jianying DENG, Robert H. |
| author_facet |
XU, Shengmin NING, Jianting HUANG, Xinyi ZHOU, Jianying DENG, Robert H. |
| author_sort |
XU, Shengmin |
| title |
Server-aided bilateral access control for secure data sharing with dynamic user groups |
| title_short |
Server-aided bilateral access control for secure data sharing with dynamic user groups |
| title_full |
Server-aided bilateral access control for secure data sharing with dynamic user groups |
| title_fullStr |
Server-aided bilateral access control for secure data sharing with dynamic user groups |
| title_full_unstemmed |
Server-aided bilateral access control for secure data sharing with dynamic user groups |
| title_sort |
server-aided bilateral access control for secure data sharing with dynamic user groups |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2021 |
| url |
https://ink.library.smu.edu.sg/sis_research/6818 |
| _version_ |
1770576075012702208 |