Abstract
In ciphertext-policy attribute-based encryption (CP-ABE), once malicious users successfully decrypt the encrypted data, they can obtain the real original personal privacy data, leading to serious privacy leakages problems. Thus, if the user does not access the original private data but the perturbed data while guaranteeing statistical characteristics, the privacy protection capabilities of CP-ABE will be greatly improved. Motivated by this, an integration of basic CP-ABE and local differential privacy (LDP) or achieving multiple privacy levels data sharing (MPLDS) is constructed to provide double privacy protection for data owners, which is with a relatively lower complexity and higher data utility. To prevent different trusted users from colluding and gaining more privacy beyond their trust levels, a randomized perturbation strategy is elaborately designed for resisting collusion attacks (RCA) while ensuring the fact that the output of RCA perturbation strategy is the same as that of the original perturbation, which has been proved from the theoretical level. Finally, the proposed MPLDS scheme is simulated and verified on both synthetic and real data sets, which indicates that the proposed MPLDS scheme outperforms the existing MPPDS scheme while greatly reducing the complexity.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
Basic CP-ABE is relative to hierarchical CP-ABE, that is, the basic CP-ABE is non-hierarchical access tree structure.
Semantic security under chosen-plaintext attack (CPA) is modelled by an IND-sAtt-CPA game.
References
Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221
Rao YS (2017) A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing. Futur Gener Comput Syst 67:133–151
Zhang Y, Zheng D, Deng RH (2018) Security and privacy in smart health: Efficient policy-hiding attribute-based access control. IEEE Internet Things J 5(3):2130–2145
Ghane S, Jolfaei A et al (2020) Preserving privacy in the internet of connected vehicles. IEEE Trans Intell Transp Syst e3952:1-10, Early Access
Asuquo P, Cruickshank H, Morley J (2018) Security and privacy in location-based services for vehicular and mobile communications: An overview, challenges, and countermeasures. IEEE Internet Things J 5(6):4778–4802
Castiglione A et al (2016) Hierarchical and shared access control. IEEE Trans Inf Forensics Secur 11(4):850–865
Alderman J, Farley N, Crampton J (2017) Tree-based cryptographic access control. in: European Symposium on Research in Computer Security, Springer, Cham. https://doi.org/10.1007/978-3-319-66402-6_5
Castiglione A, Santis AD, Masucci B (2014) Hierarchical and shared key assignment. In: International Conference on Network-based Information Systems. IEEE: 263-270
Crampton J, Farley N, Gutin G et al (2015) Cryptographic enforcement of information flow policies without public information. in: International Conference on Applied Cryptography and Network Security, Springer, Cham. https://doi.org/10.1007/978-3-319-28166-7_19
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. in: 2006 13th ACM Conference on Computer and Communications Security (CCS), ACM: 89-98
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security & Privacy, IEEE: 321-334
Ibraimi L, Tang Q et al (2009) Efficient and provable secure ciphertext-policy attribute-based encryption schemes. Information Security Practice and Experience. Springer, Berlin Heidelberg, pp 1–12
Zhang L, Gao X, Kang L, Liang P, Mu Y (2021) Distributed ciphertext-policy attribute-based encryption with enhanced collusion resilience and privacy preservation. IEEE Syst J (Early Access). https://doi.org/10.1109/JSYST.2021.3072793
Chen N, Li J, Zhang Y, Guo Y (2020) Efficient CP-ABE scheme with shared decryption in cloud storage. IEEE Trans Comput (Early Access). https://doi.org/10.1109/TC.2020.3043950
Wang S, Zhou J, Joseph K (2016) An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(6):1265–1277
Kim I, Susilo W, Baek J, Kim J (2020) Harnessing policy authenticity for hidden ciphertext policy attribute based encryption. IEEE Trans Dependable Secure Comput (Early Access). https://doi.org/10.1109/TDSC.2020.3040712
Li J, Yao W et al (2018) User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage. IEEE Syst J 12(2):1767–1777
Teng W, Yang G et al (2017) Attribute-based access control with constant-size ciphertext in cloud computing. IEEE Transactions on Cloud Computing 5(4):617–627
Zhou Z, Huang D, Wang Z (2015) Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans Comput 64(1):126–138
Yang Z, Xing Z et al (2019) A verifiable hidden policy CP-ABE with decryption testing scheme and its application in VANET. Trans Emerg Telecommun Technol e3785, Early Access
Xiao X, Tao Y et al (2019) Optimal random perturbation at multiple privacy levels. Very Large Data Bases 2(1):814–825
Kim JM, Edemacu K, Jang B (2019) MPPDS: Multilevel privacy-preserving data sharing in a collaborative eHealth system. IEEE Access 7:109910–109923
Erlingsson Ú, Pihur V, Korolova A (2014) Rappor: Randomized aggregatable privacy-preserving ordinal response. In: 2014 ACM SIGSAC conference on computer and communications security, ACM: 1054-1067
Ye Q, Meng X et al (2018) Survey on local differential privacy. Journal of Software 29(7):1981–2005
Wang J, Wang Y, Zhao G et al (2019) Location protection method for mobile crowd sensing based on local differential privacy preference. Peer-to-Peer Networking and Applications 12:1097–1109
Song H, Luo T, Li J (2019) Common criterion of privacy metrics and parameters analysis based on error probability for randomized response. IEEE Access 7:16964–16978
Song H, Luo T, Wang X, Li J (2020) Multiple sensitive values-oriented personalized privacy preservation based on randomized response. IEEE Trans Inf Forensics Secur 15:2209–2224
Huang H, Chen D, Li Y (2021) IM-LDP: Incentive mechanism for mobile crowd-sensing based on local differential privacy. IEEE Commun Lett 25(3):960–964
Zhao Y et al (2020) Local differential privacy based federated learning for Internet of things. IEEE Internet Things J. https://doi.org/10.1109/JIOT.2020.3037194
Kairouz P, Oh S, Viswanath P (2014) Extremal mechanisms for local differential privacy. In: 2014 28th Conference on Neural Information Processing Systems (NIPS) pp 2879-2887
Newman D J, Hettich S, Blake C L, Merz C J (1998) UCI repository of machine learning databases. Dept. Inf. Comput. Sci., Univ. California, Irvine, CA, USA, 1998. [Online]. http://www.ics.uci.edu/mlearn/MLRepository.html
Ben L (2013) The java pairing-based cryptography (JPBC) Library. [Online]. http://gas.dia.unisa.it/projects/jpbc/#.XyzzqzMpWTA
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This work was supported in part by the National Key Research and Development Program of China under Grant No. 2019YFC1709200 and No. 2019YFC1709202, and the National Science Foundation of China under Grant No. 61571065.
Rights and permissions
About this article
Cite this article
Song, H., Han, X., Lv, J. et al. MPLDS: An integration of CP-ABE and local differential privacy for achieving multiple privacy levels data sharing. Peer-to-Peer Netw. Appl. 15, 369–385 (2022). https://doi.org/10.1007/s12083-021-01238-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-021-01238-8