Attribute Based DRM Scheme with Efficient Revocation in Cloud Computing

The existing digital rights management (DRM) schemes in cloud computing introduce a heavy computation overhead on the content provider for key distribution. In this paper, we propose an attribute-based DRM scheme in cloud computing by combining the techniques of ciphertextpolicy attribute-based encryption (CP-ABE) and proxy reencryption (PRE). We first divide the content encryption key into two parts, content master key and assistant key. Then we enforce access policies based on attributes to distribute the content master key securely. Thus the users who satisfy the access policy can recover the content master key, and then obtain assistant key from the key server and decrypt the content. Furthermore, we achieve efficient attribute and user revocation by allowing the attribute authority to delegate the key server to refuse to issue the assistant key for the revoked users. The security and performance analyses indicate that the proposed scheme is secure, efficient, and privacy-preserving.