Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

Jiguo Li, Wei Yao, Yichen Zhang, Huiling Qian, Jinguang Han

Research output: Contribution to journalArticle

81 Citations (Scopus)

Abstract

With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users' private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy computation cost, as it grows linearly with the complexity for the access structure. To reduce the computation cost, we outsource high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.
Original languageUndefined/Unknown
Pages (from-to)785-796
Number of pages12
JournalIEEE Transactions on Services Computing
Volume10
Issue number5
DOIs
Publication statusPublished - 22 Jan 2016
Externally publishedYes

Cite this

Li, Jiguo ; Yao, Wei ; Zhang, Yichen ; Qian, Huiling ; Han, Jinguang. / Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing. In: IEEE Transactions on Services Computing. 2016 ; Vol. 10, No. 5. pp. 785-796.
@article{557c66ad9032470ebbafc4b04d4cd91f,
title = "Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing",
abstract = "With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users' private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy computation cost, as it grows linearly with the complexity for the access structure. To reduce the computation cost, we outsource high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.",
author = "Jiguo Li and Wei Yao and Yichen Zhang and Huiling Qian and Jinguang Han",
year = "2016",
month = "1",
day = "22",
doi = "10.1109/TSC.2016.2520932",
language = "Undefined/Unknown",
volume = "10",
pages = "785--796",
journal = "IEEE Transactions on Services Computing",
issn = "1939-1374",
publisher = "IEEE Computer Society",
number = "5",

}

Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing. / Li, Jiguo; Yao, Wei; Zhang, Yichen; Qian, Huiling; Han, Jinguang.

In: IEEE Transactions on Services Computing, Vol. 10, No. 5, 22.01.2016, p. 785-796.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Flexible and Fine-Grained Attribute-Based Data Storage in Cloud Computing

AU - Li, Jiguo

AU - Yao, Wei

AU - Zhang, Yichen

AU - Qian, Huiling

AU - Han, Jinguang

PY - 2016/1/22

Y1 - 2016/1/22

N2 - With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users' private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy computation cost, as it grows linearly with the complexity for the access structure. To reduce the computation cost, we outsource high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.

AB - With the development of cloud computing, outsourcing data to cloud server attracts lots of attentions. To guarantee the security and achieve flexibly fine-grained file access control, attribute based encryption (ABE) was proposed and used in cloud storage system. However, user revocation is the primary issue in ABE schemes. In this article, we provide a ciphertext-policy attribute based encryption (CP-ABE) scheme with efficient user revocation for cloud storage system. The issue of user revocation can be solved efficiently by introducing the concept of user group. When any user leaves, the group manager will update users' private keys except for those who have been revoked. Additionally, CP-ABE scheme has heavy computation cost, as it grows linearly with the complexity for the access structure. To reduce the computation cost, we outsource high computation load to cloud service providers without leaking file content and secret keys. Notably, our scheme can withstand collusion attack performed by revoked users cooperating with existing users. We prove the security of our scheme under the divisible computation Diffie-Hellman assumption. The result of our experiment shows computation cost for local devices is relatively low and can be constant. Our scheme is suitable for resource constrained devices.

UR - http://www.scopus.com/inward/record.url?eid=2-s2.0-85032255532&partnerID=MN8TOARS

U2 - 10.1109/TSC.2016.2520932

DO - 10.1109/TSC.2016.2520932

M3 - Article

VL - 10

SP - 785

EP - 796

JO - IEEE Transactions on Services Computing

JF - IEEE Transactions on Services Computing

SN - 1939-1374

IS - 5

ER -