Achieving revocable fine-grained cryptographic access control over cloud data

Author

Yanjiang YANG
Xuhua DING, Singapore Management UniversityFollow
Haibing LU
Zhiguo WAN
Jianying ZHOU

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

11-2013

Abstract

Attribute-based encryption (ABE) is well suited for finegrained access control for data residing on a cloud server. However, existing approaches for user revocation are not satisfactory. In this work, we propose a new approach which works by splitting an authorized user’s decryption capability between the cloud and the user herself. User revocation is attained by simply nullifying the decryption ability at the cloud, requiring neither key update nor re-generation of cloud data. We propose a concrete scheme instantiating the approach, which features lightweight computation at the user side. This makes it possible for users to use resource-constrained devices such as mobile phones to access cloud data. We implement our scheme, and also empirically evaluate its performance.

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Proceedings of the 16th International Conference on Information Security: ISC 2013 Dallas, Texas, November 13-15

First Page

293

Last Page

308

ISBN

9783319276588

Publisher

Springer International Publishing Switzerland 2015

City or Country

Dallas, TX

Citation

YANG, Yanjiang; DING, Xuhua; LU, Haibing; WAN, Zhiguo; and ZHOU, Jianying. Achieving revocable fine-grained cryptographic access control over cloud data. (2013). Proceedings of the 16th International Conference on Information Security: ISC 2013 Dallas, Texas, November 13-15. 293-308.
Available at: https://ink.library.smu.edu.sg/sis_research/1968

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.