Attribute-based fine-grained access control with efficient revocation in cloud storage systems

Kan Yang, Xiaohua Jia, Kui Ren
2013 Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security - ASIA CCS '13  
Cloud storage services allow data owners to host their data in the cloud and, through the cloud, provide data access to users. Because the cloud server is not trustworthy in the cloud storage system, we cannot rely on the server to conduct data access control. To achieve data access control on untrusted servers, traditional methods usually require the data owner to encrypt the data and deliver decryption keys to authorized users. In these methods, however, the key management is very ... and inefficient. In this paper, we design an access control framework for cloud storage systems and propose a fine-grained access control scheme based on the Ciphertext-Policy Attribute-based Encryption (CP-ABE) approach. In our scheme, the data owner is in charge of defining and enforcing the access policy. We also propose an efficient attribute revocation method for CP-ABE systems, which can greatly reduce the attribute revocation cost. The analysis shows that our proposed access control scheme is efficient and provably secure in the random oracle model.
doi:10.1145/2484313.2484383 dblp:conf/ccs/YangJR13 fatcat:dnz6dv4fujhjbb43oihzbfoluu