ISCAS OpenIR
a secure and efficient revocation scheme for fine-grained access control in cloud storage
Lv Zhiquan; Hong Cheng; Zhang Min; Feng Dengguo
2012
会议名称2012 4th IEEE International Conference on Cloud Computing Technology and Science, CloudCom 2012
会议录名称CloudCom 2012 - Proceedings: 2012 4th IEEE International Conference on Cloud Computing Technology and Science
页码545-550
会议日期December 3, 2012 - December 6, 2012
会议地点Taipei, Taiwan
收录类别EI
ISBN9781467345095
部门归属(1) Institute of Software Chinese Academy of Sciences Beijing China
摘要To keep data confidential against unauthorized cloud servers and users, cryptographic access control mechanisms must be adopted. However, user revocation is a challenging issue since it would inevitably require data re-encryption, and may need user secret key updates. Considering the complexity of fine-grained access control policy and the large number of users in cloud, this issue would become extremely difficult to resolve. In this paper, we focus on this challenging open issue and present a secure and efficient revocation scheme. We propose a modified CP-ABE algorithm to set up a fine-grained access control method, in which user revocation is achieved based on the theory of Shamir's Secret Sharing. Compared with existing schemes, our scheme introduces a minimal overhead not only to the data owner but also to cloud servers. Collusions between cloud servers and revoked users can be avoided as long as the key-update protocol is honestly executed. Meanwhile, the data owner can delegate key updates to the cloud servers without disclosing data contents, user attributes, and the access policy information. Moreover, our scheme maintains the important feature that the revocation won't affect the users whose attribute set is a superset of the revoked user's. © 2012 IEEE.; To keep data confidential against unauthorized cloud servers and users, cryptographic access control mechanisms must be adopted. However, user revocation is a challenging issue since it would inevitably require data re-encryption, and may need user secret key updates. Considering the complexity of fine-grained access control policy and the large number of users in cloud, this issue would become extremely difficult to resolve. In this paper, we focus on this challenging open issue and present a secure and efficient revocation scheme. We propose a modified CP-ABE algorithm to set up a fine-grained access control method, in which user revocation is achieved based on the theory of Shamir's Secret Sharing. Compared with existing schemes, our scheme introduces a minimal overhead not only to the data owner but also to cloud servers. Collusions between cloud servers and revoked users can be avoided as long as the key-update protocol is honestly executed. Meanwhile, the data owner can delegate key updates to the cloud servers without disclosing data contents, user attributes, and the access policy information. Moreover, our scheme maintains the important feature that the revocation won't affect the users whose attribute set is a superset of the revoked user's. © 2012 IEEE.
关键词Cloud Computing Digital Storage
主办者Quanta Computer; MEDIATEK; Microsoft; Institute for Information Industry; Industrial Technology Research Institute (ITRI)
语种英语
内容类型会议论文
URI标识http://ir.iscas.ac.cn/handle/311060/15915
专题中国科学院软件研究所
推荐引用方式
GB/T 7714
Lv Zhiquan,Hong Cheng,Zhang Min,et al. a secure and efficient revocation scheme for fine-grained access control in cloud storage[C],2012:545-550.
条目包含的文件
条目无相关文件。
个性服务
推荐该条目
保存到收藏夹
查看访问统计
导出为Endnote文件
谷歌学术
谷歌学术中相似的文章
[Lv Zhiquan]的文章
[Hong Cheng]的文章
[Zhang Min]的文章
百度学术
百度学术中相似的文章
[Lv Zhiquan]的文章
[Hong Cheng]的文章
[Zhang Min]的文章
必应学术
必应学术中相似的文章
[Lv Zhiquan]的文章
[Hong Cheng]的文章
[Zhang Min]的文章
相关权益政策
暂无数据
收藏/分享
所有评论 (0)
暂无评论
 

除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。