Journal Article10.1109/TC.2015.2401033
Efficient Attribute-Based Comparable Data Access Control
69
TL;DR: A new efficient framework named Constant-size Ciphertext Policy Comparative Attribute-Based Encryption (CCP-CABE) with the support of negative attributes and wildcards that embeds the comparable attribute ranges of all the attributes into the user's key, and incorporates the attribute constraints into one piece of ciphertext during the encryption process to enforce flexible access control policies with various range relationships.
read more
Abstract: With the proliferation of mobile devices in recent years, there is a growing concern regarding secure data storage, secure computation, and fine-grained access control in data sharing for these resource-constrained devices in a cloud computing environment. In this work, we propose a new efficient framework named Constant-size Ciphertext Policy Comparative Attribute-Based Encryption (CCP-CABE) with the support of negative attributes and wildcards. It embeds the comparable attribute ranges of all the attributes into the user’s key, and incorporates the attribute constraints of all the attributes into one piece of ciphertext during the encryption process to enforce flexible access control policies with various range relationships. Accordingly, CCP-CABE achieves the efficiency because it generates constant-size keys and ciphertext regardless of the number of involved attributes, and it also keeps the computation cost constant on lightweight mobile devices. We further discuss how to extend CCP-CABE to fit a scenario with multiple attribute domains, such that the decryption proceeds from the least privileged attribute domain to the most privileged one to help protect the privacy of the access policy. We provide security analysis and performance evaluation to demonstrate their efficiency at the end.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Identity and access management in cloud environment: Mechanisms and challenges
TL;DR: A detailed comparative study of the existing techniques in the perspective of cloud service providers and cloud users that include identity and access management, security issues and services in the cloud environment are highlighted.
134
Ransomware: Recent advances, analysis, challenges and future research directions.
TL;DR: In this paper, the authors explored recent advances in ransomware prevention and detection and highlighted future research challenges and directions, and also carried out an analysis of a few popular ransomware samples and developed AESthetic, which was able to evade detection against eight popular antivirus programs.
125
Attribute-based Access Control for ICN Naming Scheme
TL;DR: A privacy-preserving access control scheme for ICN and its corresponding attribute management solution are presented and the proposed approach is compatible with existing flat name based ICN architectures.
115
Attribute-based Encryption for Cloud Computing Access Control: A Survey
TL;DR: Compared to related state-of-the-art survey papers, this article not only provides a broader 12 categories of ABE schemes, but also makes a more comprehensive and holistic comparison.
105
Privacy Protection and Data Security in Cloud Computing: A Survey, Challenges, and Solutions
TL;DR: This paper systematically review and analyze relevant research achievements of cloud computing privacy protection based on access control, attribute-based encryption (ABE), trust and reputation, and proposes a framework of privacy protection.
References
Ciphertext-Policy Attribute-Based Encryption
John Bethencourt,Amit Sahai,Brent Waters +2 more
- 20 May 2007
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
•Book
The Design of Rijndael: AES - The Advanced Encryption Standard
Joan Daemen,Vincent Rijmen +1 more
- 14 Feb 2002
TL;DR: The underlying mathematics and the wide trail strategy as the basic design idea are explained in detail and the basics of differential and linear cryptanalysis are reworked.
3.8K
Mobile cloud computing
TL;DR: This paper provides an extensive survey of mobile cloud computing research, while highlighting the specific concerns in mobile cloud Computing, and presents a taxonomy based on the key issues in this area, and discusses the different approaches taken to tackle these issues.
1.9K
Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption
Allison Lewko,Tatsuaki Okamoto,Amit Sahai,Katsuyuki Takashima,Brent Waters +4 more
- 30 May 2010
TL;DR: In this article, a fully secure attribute-based encryption (ABE) scheme and a predicate encryption (PE) scheme for inner-product predicates were constructed using dual pairing vector spaces.
Decentralizing attribute-based encryption
Allison Lewko,Brent Waters +1 more
- 15 May 2011
TL;DR: In this paper, the authors proposed a multi-authority attribute-based encryption (ABE) system, where any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters.
Related Papers (5)
John Bethencourt,Amit Sahai,Brent Waters +2 more
- 20 May 2007
Amit Sahai,Brent Waters +1 more
- 22 May 2005
Allison Lewko,Brent Waters +1 more
- 15 May 2011