Revocable Attribute-Based Encryption With Data Integrity in Clouds

Cloud computing enables enterprises and individuals to outsource and share their data. This way, cloud computing eliminates the heavy workload of local information infrastructure. Attribute-based encryption has become a promising solution for encrypted data access control in clouds due to the abilit...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on dependable and secure computing Jg. 19; H. 5; S. 2864 - 2872
Hauptverfasser: Ge, Chunpeng, Susilo, Willy, Baek, Joonsang, Liu, Zhe, Xia, Jinyue, Fang, Liming
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Washington IEEE 01.09.2022
IEEE Computer Society
Schlagworte:
Access control
Algorithms
Attribute-based encryption
Cloud computing
Cryptography
Cybersecurity
Data encryption
Data integrity
Data retrieval
Encryption
Finance
Integrity
Performance evaluation
revocable
Servers
Systems architecture
ISSN:1545-5971, 1941-0018
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Cloud computing enables enterprises and individuals to outsource and share their data. This way, cloud computing eliminates the heavy workload of local information infrastructure. Attribute-based encryption has become a promising solution for encrypted data access control in clouds due to the ability to achieve one-to-many encrypted data sharing. Revocation is a critical requirement for encrypted data access control systems. After outsourcing the encrypted attribute-based ciphertext to the cloud, the data owner may want to revoke some recipients that were authorized previously, which means that the outsourced attribute-based ciphertext needs to be updated to a new one that is under the revoked policy. The integrity issue arises when the revocation is executed. When a new ciphertext with the revoked access policy is generated by the cloud server, the data recipient cannot be sure that the newly generated ciphertext guarantees to be decrypted to the same plaintext as the originally encrypted data, since the cloud server is provided by a third party, which is not fully trusted. In this article, we consider a new security requirement for the revocable attribute-based encryption schemes: integrity. We introduce a formal definition and security model for the revocable attribute-based encryption with data integrity protection (RABE-DI). Then, we propose a concrete RABE-DI scheme and prove its confidentiality and integrity under the defined security model. Finally, we present an implementation result and provide performance evaluation which shows that our scheme is efficient and practical.
Bibliographie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2021.3065999