Achieving Scalable and Optimized Attribute Revocation in Cloud Computing

Somchart FUGKEAW, Hiroyuki SATO
2017 IEICE Transactions on Information and Systems

Revocation is one of the major problems for access control systems. Especially, the revocation cost for the data outsourced in the third party environment such as cloud storage systems. The revocation in the cloud-based access control typically deals with the cryptographic operations that introduce costly overheads for key re-generation, file re-encryption, and key re-distribution. Also, the communication for retrieving files for re-encryption and loading them back to the cloud is another ... ial cost for data owners. In this paper, we propose a Very Lightweight Proxy Re-Encryption (VL-PRE) scheme to efficiently support attribute-based revocation and policy update in the collaborative data sharing in cloud computing environment. To this end, we propose three-phase VL-PRE protocol including re-encryption key generation, re-encryption key update, and re-encryption key renewal for supporting the optimized attribute revocation and policy update. Finally, we conduct the experiments to evaluate the performance of our VL-PRE and show that it exhibits less computation cost with higher scalability in comparison with existing PRE schemes.

key words: revocation, data access control, policy update, proxy re-encryption

Somchart Fugkeaw is currently a Ph.D. candidate with the Department of Electrical Engineering and Information Systems, University of Tokyo. His research interests include security and privacy in cloud computing, access control models, and PKI.

Hiroyuki Sato is currently an Associate Professor with the Department of Electrical Engineering and Information Systems, University of Tokyo. His research interests include programming language, trust, information security, and optimization.
doi:10.1587/transinf.2016ntp0006 fatcat:ika57zv53rbxvgtwrpgfowbrti