https://doi.org/10.26706/ijceae.1.1.20141208

---

Abstract:-

With the recent adoption and diffusion of the data sharing paradigm in distributed systems such as online social networks or cloud computing, there have been increasing demands and concerns for distributed data security. One of the most challenging issues in data sharing systems is the enforcement of access policies and the support of policies updates. With the development of cryptography, the attribute-based encryption (ABE) draws widespread attention of the researchers in recent years. The ABE scheme, which belongs to the public key encryption mechanism, takes attributes as public key and associates them with the ciphertext or the user’s secret key. It is an efficient way to solve open problems in access control scenarios, for example, how to provide data confidentiality and expressive access control at the same time. Ciphertext policy attribute-based encryption (CP-ABE) is becoming a promising cryptographic solution to this issue. It enables data owners to define their own access policies over user attributes and enforce the policies on the data to be distributed. Therefore, in this study, we propose a novel CP-ABE scheme for a data sharing system by exploiting the characteristic of the system architecture. The proposed scheme features the following achievements: 1) the key escrow problem could be solved by escrow-free key issuing protocol, which is constructed using the secure two-party computation between the key generation center and the data-storing center, and 2) fine-grained user revocation per each attribute could be done by proxy encryption which takes advantage of the selective attribute group key distribution on top of the ABE. The performance and security analyses indicate that the proposed scheme is efficient to securely manage the data distributed in the data sharing system.

Index Terms:-

Data sharing, attribute-based encryption, revocation, access control, removing escrow.

---

REFERENCES

[1] Junbeom Hur, “Improving Security and Efficiency in Attribute-Based Data Sharing” IEEE Transactions On Knowledge And Data Engineering Vol:25 No:10 Year 2013

[2] M. Chase and S.S.M. Chow, “Improving Privacy and Security in Multi-Authority Attribute-Based Encryption,” Proc. ACM Conf. Computer and Comm. Security, pp. 121-130, 2009.

[3] S.S.M. Chow, “Removing Escrow from Identity-Based Encryption,” Proc. Int’l Conf. Practice and Theory in Public Key Cryptography (PKC ’09), pp. 256-276, 2009.

[4] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-Policy Attribute-Based Encryption,” Proc. IEEE Symp. Security and Privacy, pp. 321-334, 2007.

[5] A. Boldyreva, V. Goyal, and V. Kumar, “Identity-Based Encryption with Efficient Revocation,” Proc. ACM Conf. Computer and Comm. Security, pp. 417-426, 2008.

[6] N. Attrapadung and H. Imai, “Conjunctive Broadcast and Attribute-Based Encryption,” Proc. Int’l Conf. Palo Alto on Pairing-Based Cryptography (Pairing), pp. 248-265, 2009.

[7] S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute Based Data Sharing with Attribute Revocation,” Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS ’10), 2010.

[8] S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, “Overencryption: management of access control evolution on outsourced data,” in VLDB '07, 2007, pp. 123–131.

[9] Shilpa Elsa Abraham and R. Gokulavanan, “Ensuring Privacy and Security in Data Sharing under Cloud Environment”, International Journal of Computer Applications Technology and Research Volume 2– Issue 2, 188 - 194, 2013

---

To view full paper, Download here

---