The Experts below are selected from a list of 90711 Experts worldwide ranked by ideXlab platform
Yichen Zhang - One of the best experts on this subject based on the ideXlab platform.
-
flexible and fine grained attribute based data storage in cloud computing
IEEE Transactions on Services Computing, 2017Co-Authors: Wei Yao, Yichen Zhang, Huiling Qian, Jinguang HanAbstract:With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users’ private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy Computation Cost, as it grows linearly with the complexity for the access structure. To reduce the Computation Cost, we outsource high Computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible Computation Diffie-Hellman assumption. The result of our experiment shows Computation Cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.
-
KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage
IEEE Transactions on Services Computing, 2017Co-Authors: Jiguo Li, Yichen ZhangAbstract:Cloud computing becomes increasingly popular for data owners to outsource their data to public cloud servers while allowing intended data users to retrieve these data stored in cloud. This kind of computing model brings challenges to the security and privacy of data stored in cloud. Attribute-based encryption (ABE) technology has been used to design fine-grained access control system, which provides one good method to solve the security issues in cloud setting. However, the Computation Cost and ciphertext size in most ABE schemes grow with the complexity of the access policy. Outsourced ABE (OABE) with fine-grained access control system can largely reduce the Computation Cost for users who want to access encrypted data stored in cloud by outsourcing the heavy Computation to cloud service provider (CSP). However, as the amount of encrypted files stored in cloud is becoming very huge, which will hinder efficient query processing. To deal with above problem, we present a new cryptographic primitive called attribute-based encryption scheme with outsourcing key-issuing and outsourcing decryption, which can implement keyword search function (KSF-OABE). The proposed KSF-OABE scheme is proved secure against chosen-plaintext attack (CPA). CSP performs partial decryption task delegated by data user without knowing anything about the plaintext. Moreover, the CSP can perform encrypted keyword search without knowing anything about the keywords embedded in trapdoor.
Jie Chen - One of the best experts on this subject based on the ideXlab platform.
-
Two-Factor Data Access Control With Efficient Revocation for Multi-Authority Cloud Storage Systems
IEEE Access, 2017Co-Authors: Shaohua Tang, Huaqun Wang, Jie ChenAbstract:Attribute-based encryption, especially for ciphertext-policy attribute-based encryption, can fulfill the functionality of fine-grained access control in cloud storage systems. Since users’ attributes may be issued by multiple attribute authorities, multi-authority ciphertext-policy attribute-based encryption is an emerging cryptographic primitive for enforcing attribute-based access control on outsourced data. However, most of the existing multi-authority attribute-based systems are either insecure in attribute-level revocation or lack of efficiency in communication overhead and Computation Cost. In this paper, we propose an attribute-based access control scheme with two-factor protection for multi-authority cloud storage systems. In our proposed scheme, any user can recover the outsourced data if and only if this user holds sufficient attribute secret keys with respect to the access policy and authorization key in regard to the outsourced data. In addition, the proposed scheme enjoys the properties of constant-size ciphertext and small Computation Cost. Besides supporting the attribute-level revocation, our proposed scheme allows data owner to carry out the user-level revocation. The security analysis, performance comparisons, and experimental results indicate that our proposed scheme is not only secure but also practical.
Jinguang Han - One of the best experts on this subject based on the ideXlab platform.
-
flexible and fine grained attribute based data storage in cloud computing
IEEE Transactions on Services Computing, 2017Co-Authors: Wei Yao, Yichen Zhang, Huiling Qian, Jinguang HanAbstract:With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users’ private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy Computation Cost, as it grows linearly with the complexity for the access structure. To reduce the Computation Cost, we outsource high Computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible Computation Diffie-Hellman assumption. The result of our experiment shows Computation Cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.
Shaohua Tang - One of the best experts on this subject based on the ideXlab platform.
-
Two-Factor Data Access Control With Efficient Revocation for Multi-Authority Cloud Storage Systems
IEEE Access, 2017Co-Authors: Shaohua Tang, Huaqun Wang, Jie ChenAbstract:Attribute-based encryption, especially for ciphertext-policy attribute-based encryption, can fulfill the functionality of fine-grained access control in cloud storage systems. Since users’ attributes may be issued by multiple attribute authorities, multi-authority ciphertext-policy attribute-based encryption is an emerging cryptographic primitive for enforcing attribute-based access control on outsourced data. However, most of the existing multi-authority attribute-based systems are either insecure in attribute-level revocation or lack of efficiency in communication overhead and Computation Cost. In this paper, we propose an attribute-based access control scheme with two-factor protection for multi-authority cloud storage systems. In our proposed scheme, any user can recover the outsourced data if and only if this user holds sufficient attribute secret keys with respect to the access policy and authorization key in regard to the outsourced data. In addition, the proposed scheme enjoys the properties of constant-size ciphertext and small Computation Cost. Besides supporting the attribute-level revocation, our proposed scheme allows data owner to carry out the user-level revocation. The security analysis, performance comparisons, and experimental results indicate that our proposed scheme is not only secure but also practical.
Wei Yao - One of the best experts on this subject based on the ideXlab platform.
-
flexible and fine grained attribute based data storage in cloud computing
IEEE Transactions on Services Computing, 2017Co-Authors: Wei Yao, Yichen Zhang, Huiling Qian, Jinguang HanAbstract:With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users’ private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy Computation Cost, as it grows linearly with the complexity for the access structure. To reduce the Computation Cost, we outsource high Computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible Computation Diffie-Hellman assumption. The result of our experiment shows Computation Cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.
