Abstract
Mobile cloud computing (MCC) offers users the flexibility and freedom to access the services or data outsourced in the cloud. MCC has witnessed rapid growth in both research and emerging applications. Lightweight and secure data access control is one of the most challenging security issues in MCC. Owing to the cryptographic-based access control property, ciphertext policy attribute-based encryption (CP-ABE) has been widely adopted as an effective solution for data access control in cloud computing. Nevertheless, CP-ABE cryptographic construct is based on bilinear paring rendering high computation cost. Therefore, using CP-ABE in MCC environment is non-trivial because mobile devices are resource-constraint and they are not suitable to run such high complexity of cryptographic operation. This research issue is unmatured and requires in-depth investigation. In this paper, we investigate the research problems and challenges of data access control solutions in MCC. Specifically, we conduct the comprehensive review of the-state-of-the-art CP-ABE based access control solutions used in MCC. The review is done through the analysis and discussion of key solutions. Finally, we point out possible research issues and challenges.
Similar content being viewed by others
References
Khashan OA. Hybrid lightweight proxy re-encryption scheme for secure fog-to-things environment. IEEE Access. 2020;8:66878–87.
Shamir A. Identity-based cryptosystems and signature schemes. In: Blakely GR, Chaum D, editors. Advances in cryptology—CRYPTO 1984, vol. 196. LNCS. Heidelberg: Springer; 1985. p. 47–53.
Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proc. of IEEE symposium on security and privacy. IEEE; 2007. p. 321–34.
Li M, Yu S, Zheng Y, Ren K, Lou W. Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. In: IEEE transactions on parallel and distributed systems. 2012.
Goyal V, Pandey O, Sahai A, Waters B. Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of CCS’06, Alexandria, Virginia. 2006.
Mora-Afonso VS, Caballero-Gil P. Using identity-based cryptography in mobile applications. In: Herrero Á et al, editors. International joint conference SOCO’13-CISIS’13-ICEUTE’13. Advances in intelligent systems and computing, vol 239. Cham: Springer; 2013.
Chang J, Wang H, Wang F, Zhang A, Ji Y. RKA security for identity-based signature scheme. IEEE Access. 2020;8:17833–41.
Galindo D, Garcia F. A Schnorr-like lightweight identity-based signature scheme. In: Proc. AFRICACRYPT, Lecture notes in computer science, vol 5580. Heidelberg: Springer; 2009. p. 135–48.
Gennaro R, Katz J, Krawzcyk HK, Rabin T. Secure network coding over the integers. In: Proc. of international workshop on public key cryptography (PKC 2010). 2010. p. 142–60.
Li J, Yan H, Zhang Y. Efficient identity-based provable multi-copy data possession in multi-cloud storage. IEEE Trans Cloud Comput. 2019. https://doi.org/10.1109/TCC.2019.2929045.
CP-ABE Library page. http://acsc.cs.utexas.edu/cpabe/. Accessed 8 Jan 2020.
Goyal V, Pandey O, Sahai A, Waters B. Attribute-based encryption for finegrained access control of encrypted data. In: Proc. of ACM conference on computer and communications security (CCS 2006). ACM; 2006. p. 89–98.
GreenM, Hohenberger S, Waters B. Outsourcing the decryption of ABE ciphertexts. In: Proc. of the 20th USENIX conference on security (SEC'11). USENIX; 2011. p. 34.
El Gamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory. 1985;31(4):469–72.
Asim M, Petkovic M, Ignatenko T. Attribute-based encryption with encryption and decryption outsourcing. In: Proc. of 12th Australian information security management conference. ECU Security Research Institute; 2014. p. 21–8.
Fugkeaw S. A fine-grained and lightweight data access control model for mobile cloud computing. IEEE Access. 2021;9:836–48.
Li R, Shen C, He H, Gu X, Xu Z, Xu C. A lightweight secure data sharing scheme for mobile cloud computing. IEEE Trans Cloud Comput. 2018;6(2):344–57.
Wang S, et al. A fast CP-ABE system for cyber-physical security and privacy in mobile healthcare network. IEEE Trans Ind Appl. 2020;56(4):4467–77.
Fugkeaw S, Sato H. Improved lightweight proxy re-encryption for flexible and scalable mobile revocation management in cloud computing. In: Proc. of IEEE international conference on cloud computing, June 27–July 2. IEEE; 2016. p. 894–99.
Zhou Z, Huang D. Efficient and secure data storage operations for mobile cloud computing. In: IACR cryptology, ePrint Archive. IEEE; 2012.
Li Z, Li W, Jin Z, Zhang H, Wen Q. An efficient ABE scheme with verifiable outsourced encryption and decryption. IEEE Access. 2019;7:29023–37.
Li Q, Tian Y, Zhang Y, Shen L, Guo J. Efficient privacy-preserving access control of mobile multimedia data in cloud computing. IEEE Access. 2019;7:131534–42.
Kawai Y. Outsourcing the re-encryption key generation: flexible ciphertext-policy attribute-based proxy re-encryption. In: Proc. of the international conference of information security practice and experience (ISPEC 2015), vol 9065. Cham: Springer; 2015. p. 301–15.
Ning J, Cao Z, Dong X, Ma H, Wei L, Liang K. Auditable σ-time outsourced attribute-based encryption for access control in cloud computing. IEEE Trans Inf Forensics Secur. 2018;13(1):94–105.
Zhang S, Li W, Wen Q. A flexible KP-ABE suit for mobile user realizing decryption outsourcing and attribute revocation. Wirel Pers Commun. 2020;114:2783–800.
Wan Z, Liu J, Deng RH. HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans Inf Forensics Secur. 2012;7(2):743–54.
Yang K, Jia X, Ren K, Zhang B, Xie R. DAC-MACS: effective data access control for multiauthority cloud storage systems. IEEE Trans Inf Forensics Secur. 2013;8(11):1790–801.
Fugkeaw S, Sato H. An extended CP-ABE based access control model for data outsourced in the cloud. In: Proceedings of IEEE 39th annual computer software and applications (COMPSAC 2015), Taichung, Taiwan, July 1–5. 2015. p. 73–8.
Zhao J, Zeng P, Choo K-KR. An efficient access control scheme with outsourcing and attribute revocation for fog-enabled E-health. IEEE Access. 2021;9:13789–99.
Miao Y, Ma J, Liu X, Weng J, Li H, Li H. Lightweight fine-grained search over encrypted data in fog computing. IEEE Trans Serv Comput. 2019;12(5):772–85.
Sanchol P, Fugkeaw S. An analytical review of data access control schemes in mobile cloud computing. In: Recent advances in information and communication technology (IC2IT 2021), lecture notes in networks and systems, vol 251. Cham; Springer; 2021.
PBC (Pairing-Based Cryptography) library. [Online]. https://crypto.stanford.edu/pbc/. Accessed 30 June 2021.
Funding
This study was funded by the SIIT Young Researcher Grant under the contract no. SIIT2019-YRG-SF02.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the topical collection “Advanced Machine Learning Approaches in Cognitive Computing” guest edited by Kuntpong Woraratpanya and Phayung Meesad.
Rights and permissions
About this article
Cite this article
Fugkeaw, S., Sanchol, P. A Review on Data Access Control Schemes in Mobile Cloud Computing: State-of-the-Art Solutions and Research Directions. SN COMPUT. SCI. 3, 42 (2022). https://doi.org/10.1007/s42979-021-00917-w
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-021-00917-w