Achieving dynamic privileges in secure data sharing on cloud storage

Published: 01 November 2014

Abstract

With the rapid development of cloud computing, more and more enterprises will outsource their sensitive data for sharing in a cloud. Many data sharing and access control schemes have been submitted. However, dynamic privileges among user groups were not considered. In many circumstances, some users may have higher privileges than others, and they can decrypt more contents than those with low privileges. Moreover, the data owner may want to dynamically control the privileges in data sharing. In this paper, we present an efficient framework for data sharing systems to achieve dynamic privileges, based on a chameleon hash function and a one-way function. With this framework, any data sharing and access control scheme can be turned into a dynamic privileged scheme, in which the data owner can change the group of each user dynamically and change the structure of privileges flexibly when it is needed. The proposed framework requires much less storage than previous schemes in handling dynamic privileges among the users. Copyright © 2013 John Wiley & Sons, Ltd.

Cited By

  • (2017) Access control based privacy preserving secure data sharing with hidden access policies in cloud. Journal of Systems Architecture: the EUROMICRO Journal, 75:C (50-58). DOI: 10.1016/j.sysarc.2017.03.002. Online publication date: 1-Apr-2017

    Published In

    Security and Communication Networks, Volume 7, Issue 11
    November 2014
    596 pages
    ISSN:1939-0114
    EISSN:1939-0122

    Publisher

    John Wiley & Sons, Inc.

    United States

    Author Tags

    1. access control
    2. cloud computing
    3. data sharing
    4. dynamic privileges
    5. multi-level security

    Qualifiers

    • Article
