Attribute-based Encryption for Cloud Computing Access Control: A Survey
TL;DR: Compared to related state-of-the-art survey papers, this article not only provides a broader 12 categories of ABE schemes, but also makes a more comprehensive and holistic comparison.
read more
Abstract: Attribute-based encryption (ABE) for cloud computing access control is reviewed in this article. A taxonomy and comprehensive assessment criteria of ABE are first proposed. In the taxonomy, ABE schemes are assorted into key-policy ABE (KP-ABE) schemes, ciphertext-policy ABE (CP-ABE) schemes, anti-quantum ABE schemes, and generic constructions. In accordance with cryptographically functional features, CP-ABE is further divided into nine subcategories with regard to basic functionality, revocation, accountability, policy hiding, policy updating, multi-authority, hierarchy, offline computation, and outsourced computation. In addition, a systematical methodology for discussing and comparing existing ABE schemes is proposed. For KP-ABE and each type of CP-ABE, the corresponding access control scenario is presented and explained by concrete examples. Specifically, the syntax of ABE is given followed by the adversarial model and security goals. ABE schemes are discussed according to the design strategies and special features and are compared in the light of the proposed assessment criteria with respect to security and performance. Compared to related state-of-the-art survey papers, this article not only provides a broader 12 categories of ABE schemes, but also makes a more comprehensive and holistic comparison. Finally, a number of open research challenges in ABE are pointed out.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
A Survey on Attribute-Based Encryption Schemes Suitable for the Internet of Things
TL;DR: This article surveys the ABE literature proposing schemes and solutions that are best suited for IoT applications and analyzes only those schemes that are promising from the point of view of one or more indicators and, therefore, more applicable in typical IoT applications.
A revocable and outsourced multi-authority attribute-based encryption scheme in fog computing
TL;DR: An attribute revocation scheme based on cipher-text attribute-based encryption by introducing the attribute group keys that provides the complete encryption and decryption process for end-users and fog servers based on multi-authority, attribute revocation, and outsourcing computation, while most of the existing scheme lack to incorporate all these parameters.
67
A Practical and Efficient Bidirectional Access Control Scheme for Cloud-Edge Data Sharing
TL;DR: Wang et al. as discussed by the authors proposed a bidirectional fine-grained access control scheme that can restrict the capabilities of both senders and receivers for cloud data sharing, and the experimental results show that their scheme exhibits superior performance in the encryption and decryption compared to the prior work.
Secure, Efficient, and Weighted Access Control for Cloud-Assisted Industrial IoT
15 Sep 2022
TL;DR: Wang et al. as discussed by the authors proposed a secure, efficient, and weighted access control scheme (SEWAC) for cloud-assisted IIoT applications, which enables the data owner to formulate any fine-grained access structure over weighted attributes without making it more complicated.
31
Unbounded and Efficient Revocable Attribute-based Encryption with Adaptive Security for Cloud-Assisted Internet of Things
TL;DR: Li et al. as discussed by the authors proposed an unbounded and efficient revocable attribute-based encryption scheme with adaptive security for cloud-assisted internet of things (IoTs), which is proved to be adaptively secure under standard decision linear assumption.
30
References
Identity-Based Encryption from the Weil Pairing
Dan Boneh,Matthew K. Franklin +1 more
- 19 Aug 2001
TL;DR: This work proposes a fully functional identity-based encryption scheme (IBE) based on the Weil pairing that has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem.
Random oracles are practical: a paradigm for designing efficient protocols
Mihir Bellare,Phillip Rogaway +1 more
- 01 Dec 1993
TL;DR: It is argued that the random oracles model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice, and yields protocols much more efficient than standard ones while retaining many of the advantages of provable security.
5.7K
Ciphertext-Policy Attribute-Based Encryption
John Bethencourt,Amit Sahai,Brent Waters +2 more
- 20 May 2007
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Fuzzy identity-based encryption
Amit Sahai,Brent Waters +1 more
- 22 May 2005
TL;DR: In this article, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.
•Posted Content
Fuzzy Identity Based Encryption.
Amit Sahai,Brent Waters +1 more
TL;DR: In this paper, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.
Related Papers (5)
Runhua Xu,Bo Lang +1 more
- 20 Jan 2016
Junzuo Lai,Robert H. Deng,Yanjiang Yang,Jian Weng +3 more
- 22 Nov 2013