A cloud-based access control scheme with user revocation and attribute update

Abstract

Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing not only data confidentiality but also fine-grained data access control. It enables data owners to define flexible access policies for cloud-based data sharing. However, the user revocation and attribute update problems in CP-ABE systems have long remained unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting user revocability and attribute update. Specifically, user revocation is defined in the identity-based setting, which does not conflict with our attribute-based design. The cost of attribute update is low in the sense that we only concentrate on updating the ciphertexts associated with the corresponding updated attribute. Moreover, the security analysis shows that the proposed scheme is secure under the decisional Bilinear Diffie-Hellman assumption.