You are viewing a javascript disabled version of the site. Please enable Javascript for this site to function properly.
Go to headerGo to navigationGo to searchGo to contentsGo to footer
In content section. Select this link to jump to navigation

New access control systems based on outsourced attribute-based encryption1

Article type: Research Article

Authors: Li, Jina; b; e | Chen, Xiaofengb; e | Li, Jingweic | Jia, Chunfuc | Ma, Jianfengd | Lou, Wenjinge; *

Affiliations: [a] School of Computer Science, Guangzhou University, P.R. China | [b] State Key Laboratory of Integrated Service Networks (ISN), Xidian University, P.R. China | [c] College of Computer and Control Engineering, Nankai University, P.R. China | [d] School of Computer Science and Technology, Xidian University, P.R. China | [e] Department of Computer Science, Virginia Polytechnic Institute and State University, USA

Correspondence: [*] Corresponding author: Wenjing Lou, Department of Computer Science, Virginia Polytechnic Institute and State University, USA. Tel.: +1 703 538 3774; E-mail: [email protected].

Abstract: As cloud computing becomes prevalent, more and more sensitive data is being centralized into the cloud for sharing, which brings forth new challenges for outsourced data security and privacy. Attribute-based encryption (ABE) is a promising cryptographic primitive, which has been widely applied to design fine-grained access control system recently. However, ABE is criticized for its high scheme overhead as the computational cost grows with the complexity of the access formula. This disadvantage becomes more serious for mobile devices with constrained computing resources. Aiming at tackling the challenge above, we present a generic and efficient solution to implement attribute-based access control system by introducing secure outsourcing techniques into ABE. More precisely, two cloud service providers (CSPs), namely key generation-cloud service provider (KG-CSP) and decryption-cloud service provider (D-CSP) are introduced to perform the outsourced key-issuing and decryption on behalf of attribute authority and users respectively. In order to outsource heavy computation to both CSPs without private information leakage, we formalize an underlying primitive called outsourced ABE (OABE) and propose several constructions with outsourced decryption and key-issuing. Finally, extensive experiment demonstrates that with the help of KG-CSP and D-CSP, efficient key-issuing and decryption are achieved in our constructions.

Keywords: Attribute-based encryption, access control, outsourcing computation, cloud computing

DOI: 10.3233/JCS-150533

Journal: Journal of Computer Security, vol. 23, no. 6, pp. 659-683, 2015

Published: 2015
Price: EUR 27.50
Show more