Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption

Li, Jin; Chen, Xiaofeng; Li, Jingwei; Jia, Chunfu; Ma, Jianfeng; Lou, Wenjing

doi:10.1007/978-3-642-40203-6_33

Cited by 115 publications

(64 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Recently, much research effort has been devoted largely to ensure the security of cloud computing [15]- [18] and remotely stored data [1]- [3], [9], [11], [19]- [21]. Ateniese et al [1] defined the "provable data possession" (PDP) model for ensuring possession of files on untrusted storages.…”

Section: A Related Workmentioning

confidence: 99%

OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices

Jin

Tan

Chen

et al. 2015

IEEE Trans. Cloud Comput.

Self Cite

View full text Add to dashboard Cite

UPCommonsPortal del coneixement obert de la UPC http://upcommons.upc.edu/e-prints Li, Jin [et al.] Abstract-Cloud Computing moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. In this work, we study the problem of ensuring the integrity of data storage in Cloud Computing. To reduce the computational cost at user side during the integrity verification of their data, the notion of public verifiability has been proposed. However, the challenge is that the computational burden is too huge for the users with resource-constrained devices to compute the public authentication tags of file blocks. To tackle the challenge, we propose OPoR, a new cloud storage scheme involving a cloud storage server and a cloud audit server, where the latter is assumed to be semi-honest. In particular, we consider the task of allowing the cloud audit server, on behalf of the cloud users, to pre-process the data before uploading to the cloud storage server and later verifying the data integrity. OPoR outsources the heavy computation of the tag generation to the cloud audit server and eliminates the involvement of user in the auditing and in the preprocessing phases. Furthermore, we strengthen the Proof of Retrievability (PoR) model to support dynamic data operations, as well as ensure security against reset attacks launched by the cloud storage server in the upload phase.

show abstract

Section: A Related Workmentioning

confidence: 99%

OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices

Jin

Tan

Chen

et al. 2015

IEEE Trans. Cloud Comput.

Self Cite

View full text Add to dashboard Cite

show abstract

“…Specifically, it has to re-issue private keys to all the other "affected" physicians, which introduces an overhead computation at authority. This issue can be fixed by using outsourced key-issuing protocol and delegating the attribute-related computation to other cloud service provider [21]. With this technique [21], during a single re-issuing of private key, the authority just needs to nearly three single-based modular exponentiations at local, and its complexity is minimized.…”

Section: Physician Revocationmentioning

confidence: 99%

“…Generally, there are two alternatives for secure delegating decryption: one is based on blinding private keys [12] and the other is to introduce a trivial attribute and use it to control local decryption [21]. In this paper, we just focus the former technique and attempt to extend it to our setting for facilitate physicians' decryption.…”

Section: Fig 3 Algorithms For Physician Revocationmentioning

confidence: 99%

Designing cloud-based electronic health record system with attribute-based encryption

Xhafa

Zhao

et al. 2014

Multimed Tools Appl

Self Cite

View full text Add to dashboard Cite

Aquesta és una còpia de la versió author's final draft d'un article publicat a la revista Multimedia tools and applications.La publicació final està disponible a Springer a través de http://dx.doi.org/10.1007/s11042- 013-1829-6 This is a copy of the author 's final draft version of an article published in the journal Multimedia tools and applications.The final publication is available at Springer via http://dx.doi.org/10.1007/s11042-013-1829-6Article publicat / Published article: Xhafa, F., Li, Jingwei, Zhao, G., Li, Jin, Chen, X., Wong, D.S., F. Abstract With the development of cloud computing, electronic health record (EHR) system has appeared in the form of patient-centric, in which patients store their personal health records (PHRs) at a remote cloud server and selectively share them with physicians for convenient medical care. Although the newly emerged form has many advantages over traditional client-server model, it inevitably introduces patients' concerns on the privacy of their PHRs due to the fact that cloud servers are very likely to be in a different trusted domain from that of the patients.In this paper, aiming at allowing for efficient storing and sharing PHRs and also eliminating patients' worries about PHR privacy, we design a secure cloud-based EHR system, which guarantees security and privacy of medical data stored in the cloud, relying on cryptographic primitive but not the full trust over cloud servers. Based on our proposed basic EHR system, we provide several extensions including adding searchability, supporting revocation functionality and enabling efficient local decryption, which fills the gap between theoretical proposal and practical application.

show abstract

“…Zhou et al [28] presented a CP-ABE scheme with constant-size ciphertexts and AND * +,− policy while the decryption cost linearly grows with the number of attributes in universe. Although outsourced ABE [11,15,17] can reduce the computation cost of users, the systems have to introduce additional servers. Currently, the CP-ABE construction proposed by Chen et al [6] is most efficient.…”

Section: Introductionmentioning

confidence: 99%

Computationally Efficient Ciphertext-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

et al. 2014

Self Cite

View full text Add to dashboard Cite

Abstract. Ciphertext-policy attribute-based encryption (CP-ABE) is extremely suitable for cloud computing environment in that it enables data owners to make and enforce access policies themselves. However, most of the existing CP-ABE schemes suffer severe efficiency drawbacks due to large computation cost and ciphertext size, both of which linearly increase with the complexity of access policies. Aiming at tackling the challenge above, in this paper, we propose a CP-ABE scheme which features constant computation cost and constant-size ciphertexts. The proposed CP-ABE scheme is proven selective-secure in the random oracle model under the decision n-Bilinear Diffie-Hellman Exponent (n-BDHE) assumption, where n represents the total number of attributes in universe. In particular, the proposed scheme can efficiently support AND-gate access policies with multiple attribute values and wildcards. Performance comparisons indicate that the proposed CP-ABE scheme is promising in real-world applications, especially for the scenarios where computation and bandwidth issues are major concerns.

show abstract

Fine-Grained Access Control System Based on Outsourced Attribute-Based Encryption

Cited by 115 publications

References 19 publications

OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices

OPoR: Enabling Proof of Retrievability in Cloud Computing with Resource-Constrained Devices

Designing cloud-based electronic health record system with attribute-based encryption

Computationally Efficient Ciphertext-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

Contact Info

Product

Resources

About