A Secure Communication Model for Expressive Access Control Using CP-ABE
نویسندگان
چکیده
Attribute Based Encryption is a technique that associates user’s attributes with keys. Data is encrypted using a specific policy and only those keys whose attributes satisfy that policy are allowed to decrypt it. In this paper, we propose a secure communication model based on Ciphertext Policy Attribute Based Encryption (CP-ABE). This model allows Role Based Access Control for documents without the use of a secure server to enforce the access policies. We propose a scalable implementation for key revocation and user attribute updation with improved flexibility. Our method uses a key revoke-list and key-version to achieve this. We show the implementation using the CP-ABE toolkit, an open source library that implements the CP-ABE scheme. We also show how confidentiality, integrity and source authentication is achieved in our model.
منابع مشابه
An Efficient CP-ABE with Constant Size Secret Keys using ECC for Lightweight Devices
The energy cost of asymmetric cryptography is a vital component of modern secure communications, which inhibits its wide spread adoption within the ultra-low energy regimes such as Implantable Medical Devices (IMDs) and Radio Frequency Identification (RFID) tags. The ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic tool, where an encryptor can decide the access...
متن کاملExpressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage
Data access control is an efficient way to make sure the data security in the cloud. Due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Ciphertext-Policy Attribute-based Encryption (CP-ABE) is regarded as one of the most suitable technologies for data access control in cloud storage, because it gives data owners mor...
متن کاملIR-CP-ABE: Identity Revocable Ciphertext-Policy Attribute-Based Encryption for Flexible Secure Group-Based Communication
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is an access control mechanism over encrypted data and well suited for secure group-based communication. However, it also suffers from the following problem, i.e., it is impossible to build all desired groups. For example, if two group members have exactly the same attributes, how to construct a group including only one of the two members? O...
متن کاملDoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
متن کاملA Fully Secure Ciphertext-Policy Attribute-Based Encryption With a Tree-Based Access Structure
A new fully secure ciphertext-policy attributed based encryption (CP-ABE) scheme with high expressibity access policy is presented. Our CP-ABE scheme uses tree-based access structure which includes AND, OR, threshold and NOT gates which granted high degree of expressibility for encryptor to make an access policy. Moreover, our scheme achieves full security CP-ABE definition where any access str...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- I. J. Network Security
دوره 19 شماره
صفحات -
تاریخ انتشار 2017