Hidden Attribute Outsourced Decryption Access Control Scheme Based on CP-ABE

doi:10.3969/j.issn.1006-2475.2018.05.016

Abstract

Abstract: In conventional attribute-based encryption schemes, the data owner embeds the access structure to the ciphertext, thus the user receives the ciphertext with the access structure, however the access structure itself might contain private information of the data owner. This paper proposes a hidden attribute outsourced decryption access control scheme based on CP-ABE (Ciphertext-Policy Attribute-Based Encryption). The scheme can not only hide the attributes of the access control policy specified by the data owner, but also deliver the computation intensive decryption operations to the proxy server and guarantee that the unauthorized attribute authorization center or the proxy server can not decrypt the shared encrypted data alone.

Key words: hidden attribute, outsourced decryption, ciphertext-policy attribute-based encryption, access control

CLC Number:

TP309.7

CHEN Cheng, Nurmamat HELIL. Hidden Attribute Outsourced Decryption Access Control Scheme Based on CP-ABE[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2018.05.016.

References

［1］   Sahai A, Waters B. Fuzzy identity-based encryption［C］// International Conference on Theory and Applications of Cryptographic Techniques. 2005:457-473.
［2］ Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data［C］// ACM Conference on Computer and Communications Security. 2006:89-98.
［3］ Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures［C］// ACM Conference on Computer & Communications Security. 2007:195-203.
［4］ Attrapadung N, Imai H. Conjunctive broadcast and attribute-based encryption［C］// Proceedings of 2009 3rd International Conference on Pairing-Based Cryptography. 2009:248-265.
［5］    Attrapadung N, Imai H. Attribute-based encryption supporting direct/indirect revocation modes［C］// International Conference on Cryptography and Coding. 2009:278-300. 〖LL〗〖HJ1.65mm〗
［6］ Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption［C］// IEEE Symposium on Security and Privacy. 2007:321-334.
［7］    Waters B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization［C］// International Workshop on Public Key Cryptography.   2011:53-70.
［8］ Nishide T, Yoneyama K, Ohta K. Attribute-based encryption with partially hidden encryptor-specified access structures［C］// International Conference on Applied Cryptography and Network Security. 2008:111-129.
［9］ Yu Shucheng, Ren Kui, Lou Wenjing. Attribute-based content distribution with hidden policy［C］// IEEE Workshop on Secure Network Protocols. 2008:39-44.
［10］ Lai Junzuo, Deng R H, Li Yingjiu. Fully secure cipertext-policy hiding CP-ABE［C］// International Conference on Information Security Practice and Experience. 2011:24-39. 
［11］Lai Junzuo, Deng R H, Li Yingjiu. Expressive CP-ABE with partially hidden access structures［C］// ACM Symposium on Information, Computer and Communications Security. 2012:18-19.
［12］Hur J. Attribute-based secure data sharing with hidden policies in smart grid［J］. IEEE Transactions on Parallel & Distributed Systems, 2013,24(11):2171-2180.
［13］Zhang Yinghui, Chen Xiaofeng, Li Jin, et al. Anonymous attribute-based encryption supporting efficient decryption test［C］// ACM Symposium on Information, Computer and Communications Security. 2013:511-516.
［14］宋衍,韩臻,刘凤梅,等. 基于访问树的策略隐藏属性加密方案［J］. 通信学报, 2015,36(9):119-126.
［15］ 应作斌,马建峰,崔江涛. 支持动态策略更新的半策略隐藏属性加密方案［J］. 通信学报, 2015,36(12):178-189. 
［16］雷蕾,蔡权伟,荆继武,等. 支持策略隐藏的加密云存储访问控制机制［J］. 软件学报, 2016,27(6):1432-1450.
［17］张赛,杨庚,韩亚梅,等. 支持属性撤销的策略隐藏与层次化访问控制［J］. 计算机工程与应用, 2017,53(4):51-58.
［18］杜瑞颖,沈剑,陈晶,等. 基于策略隐藏属性加密的云访问控制方案［J］. 武汉大学学报(理学版), 2016,62(3):242-248.

[1]	Gulbostan Akim, Nurmamat Helil. ABAC Decision Recycling with Dynamic Policy Change [J]. Computer and Modernization, 2022, 0(10): 47-54.
[2]	LIU Zheng, WU Ke-hua, YE Chun-xiao. Security-enhanced Data Access Control for Multi-authority Cloud Storage [J]. Computer and Modernization, 2021, 0(10): 119-126.
[3]	LI Wen-quan, XU Su-ping. Tourism Resource Information Database System Based on Geographic Information [J]. Computer and Modernization, 2021, 0(08): 100-103.
[4]	LIU Xue-zhen, CUI Yan, DENG Xiao-fei, PENG Jie. An Efficient Attribute Revocation Scheme of Supporting Rights Management [J]. Computer and Modernization, 2021, 0(07): 95-101.
[5]	ZHAO Wei, QIN Li-han, YUN Chen-chao. Cross Platform Access Control of Technology Achievement Data Based on Portal Authentication Technology#br# [J]. Computer and Modernization, 2021, 0(07): 102-106.
[6]	SUN Guang-cheng, LI Hong-zhe, LI Sai-fei, ZHANG Xiao-wei. Internet of Things Access Control System Based on Blockchain [J]. Computer and Modernization, 2020, 0(11): 100-108.
[7]	MIAO Si-wei1， YU Wen-hao1， YAO Feng2， GAO Jing3. Security Analysis for PLC Access Control [J]. Computer and Modernization, 2019, 0(09): 41-.
[8]	YANG Yang, CAO Yan. Adaptive Access Control Model Based on Hazardous Events [J]. Computer and Modernization, 2019, 0(08): 98-.
[9]	ZHANG Peng, ZHOU Liang. Trust-based Dynamic Multi-level Access Control Model [J]. Computer and Modernization, 2019, 0(07): 116-.
[10]	LIU Sai1, NIE Qing-jie1, LIU Jun1, LI Dong-min2, LI Jing2. A New Access Control Model for Real Time Database #br# Backup System Based on Quantified Action [J]. Computer and Modernization, 2018, 0(01): 116-122.
[11]	SHI Ting-jun, ZHANG Ying-jie. Method of Access Control of Attribute-based Ciphertext Policy for Cloud Storage [J]. Computer and Modernization, 2017, 0(7): 111-116.
[12]	WANG Yao, LI Fei-fei, WANG Gang. Attribute-based Encryption Scheme of Efficient Full-verifiable Outsourced Decryption [J]. Computer and Modernization, 2017, 0(4): 114-117.
[13]	WEI Ming-lun, LYU Xin, XU Shu-fang, WANG Long-bao, LI Shui-yan, PING Ping, MA Hong-xu, LIU Xuan. An Efficient Attribute Based Encryption Data Sharing Scheme of #br# Supporting Attribute Revocation [J]. Computer and Modernization, 2016, 0(2): 66-71.
[14]	JI Kai-wei, LE Hong-bing. Research and Application of Rule Engine on Access Control [J]. Computer and Modernization, 2015, 0(8): 75-79.
[15]	XU Jian-zhen, CAO Huan-huan, SONG Ai-ling. Linked Hierarchical Routing Protocol Based on Access Control [J]. Computer and Modernization, 2015, 0(4): 14-19.