SHI Jiaoli, HUANG Chuanhe, HE Kai, SHEN Xieyang. ACS-HCA: An Access Control Scheme Under Hierarchical Cryptography Architecture[J]. Chinese Journal of Electronics, 2019, 28(1): 52-61. doi: 10.1049/cje.2018.10.002

ACS-HCA: An Access Control Scheme Under Hierarchical Cryptography Architecture

doi: 10.1049/cje.2018.10.002
Funds: This work is supported by the National Natural Science Foundation of China (No. 61373040, No. 61772385).
  • Corresponding author: HUANG Chuanhe (corresponding author) received the B.Sc., M.Sc., and Ph.D. degrees in computer science from Wuhan University, Wuhan, China, in 1985, 1988, and 2002, respectively. He is currently a professor at the School of Computing, Wuhan University. His research interests include network security, Software defined network (SDN), opportunistic network, wireless network, and spatial information network. (Email: huangch@whu.edu.cn)
  • Received Date: 2016-04-27
  • Rev Recd Date: 2017-11-20
  • Publish Date: 2019-01-10
  • Binding access policies to data, Ciphertext-policy attribute-based encryption (CP-ABE) makes data access control independent of any particular application and lets users deal with data directly. It is regarded as one of the most suitable access control methods for cloud storage systems and has attracted extensive research. In that research, Hierarchical cryptography architecture (HCA) is often applied to improve system efficiency. Two open issues remain: illegal leakage of symmetric keys and inefficient revocation of an attribute of a user. We propose an Access control scheme under Hierarchical cryptography architecture (ACS-HCA). In this scheme, a key derivation mechanism and a forward derivation function are used to avoid leakage of symmetric keys, an All-or-Nothing transform is used to prevent illegal reuse of symmetric keys, and attribute revocation is realized without re-issuing other users' private keys. Analyses and simulations demonstrate that our scheme imposes less encryption cost on each owner and less decryption cost on each user, while achieving high efficiency in revoking an attribute of a user.