DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption

Abstract: Many works in the literature have proposed information security mechanisms relying on Paring Based Cryptography (PBC), for example, Ciphertext Policy Attribute Based Encryption (CP-ABE). However, a public set of software modules that allow integrating that kind of encryption for data security of information systems in an easy and transparent way is still missing. Available APIs like PBC (C-based) or jPBC (Java-based) are focused on low level arithmetic operations and several non trivial issues must still be ad… Show more

“…high, medium, and low) 1 . III) In the Mitigation Phase, a security module performs the encryption of the file depending on the risk scoring detected in the previous phase by using a multi-level security engine, which uses symmetric encryption to ensure privacy and confi-85 dentiality [20], attribute-based encryption to ensure confidentiality and access control [21,22,13], and digital signatures to ensure integrity and authentication [23,13]. Security level can be changed onthe-fly and the security level for the three types of 90 encryption is determined based on the risk level detected on the file content/context (The bigger the risk level, the larger the size of the encryption keys) and the access control attributes are chosen for each file depending on the context (The attributes of the 95 users included in a sharing operations are on-thefly defined and used in the encryption/decryption of each file).…”

“…A realization of digital envelopes from ABE based on symmetric cryptography (AES) to encrypt data and policy-based attribute to encrypt the AES key by using public key cryptography has been [22] proposed. In this model, only the recipient of the dig-195 ital envelope, with its private key, can decrypt the key with which to decrypt the data.…”

A policy-based containerized filter for secure information sharing in organizational environments

“…high, medium, and low) 1 . III) In the Mitigation Phase, a security module performs the encryption of the file depending on the risk scoring detected in the previous phase by using a multi-level security engine, which uses symmetric encryption to ensure privacy and confi-85 dentiality [20], attribute-based encryption to ensure confidentiality and access control [21,22,13], and digital signatures to ensure integrity and authentication [23,13]. Security level can be changed onthe-fly and the security level for the three types of 90 encryption is determined based on the risk level detected on the file content/context (The bigger the risk level, the larger the size of the encryption keys) and the access control attributes are chosen for each file depending on the context (The attributes of the 95 users included in a sharing operations are on-thefly defined and used in the encryption/decryption of each file).…”

“…A realization of digital envelopes from ABE based on symmetric cryptography (AES) to encrypt data and policy-based attribute to encrypt the AES key by using public key cryptography has been [22] proposed. In this model, only the recipient of the dig-195 ital envelope, with its private key, can decrypt the key with which to decrypt the data.…”

A policy-based containerized filter for secure information sharing in organizational environments

Attribute-Based Data Retrieval with Keyword Search over Encrypted Data in Cloud

A pairing-based cryptographic approach for data security in the cloud