Fine-grained Access Control and Revocation for Sharing Data on Clouds

Author

Tu, Shan-shan ; Niu, Shao-zhang ; Li, Hui ; Xiao-ming, Yun ; Li, Meng-jiao

Author_Institution

Sch. of Comput. Sci., Beijing Univ. of Posts & Telecommun., Beijing, China

fYear

2012

fDate

21-25 May 2012

Firstpage

2146

Lastpage

2155

Abstract

With the current rapid increase of cloud computing, enterprises outsource their sensitive data for sharing in a cloud. The key problems of this approach include establishing access control for the encrypted data, and revoking the access rights from users when they are no longer authorized to access the encrypted data on cloud servers. This paper aims to solve these problems. Firstly, based on the attribute encryption and the dual encryption system, we propose a concrete access control scheme constructed over the composite order bilinear groups, and we prove its security under the standard model. Then, we propose a fully fine-grained revocation scheme under the direct revocation model, so as to efficiently revoke access rights from users on cloud servers.

Keywords

authorisation; cloud computing; cryptography; access rights; attribute encryption; authorization; cloud computing; cloud servers; cloud sharing; composite order bilinear groups; concrete access control scheme; direct revocation model; dual encryption system; encrypted data; enterprises outsource; fine-grained access control; fine-grained revocation scheme; sensitive data; sharing data; standard model; Access control; Encryption; Generators; Polynomials; Servers; Attribute-based encryption; Cloud computing; Secure storage; User revocation;

fLanguage

English

Publisher

ieee

Conference_Titel

Parallel and Distributed Processing Symposium Workshops & PhD Forum (IPDPSW), 2012 IEEE 26th International

Conference_Location

Shanghai

Print_ISBN

978-1-4673-0974-5

Type

conf

DOI

10.1109/IPDPSW.2012.265

Filename

6270575