The economy and security of modern society relies on increasingly remote and distributed infrastructures. This trend increases both the complexity of access control to outsourced data and the need of privacy-preserving mechanisms. Indeed, access control policies should be flexible and distinguishable among users with different privileges. Also, privacy preservation should be ensured against curious storage system administrators, for outsourced data, as well as access requestors identities if

more »

... ded. In this paper, we propose a multi-level access control mechanism based on an original use of attribute based encryption schemes. Our construction has several advantages. First, it ensures fine-grained access control, supporting multi-security levels with respect to different granted access rights for each outsourced data file. Second, relying on an attribute based mechanism, key management is minimized, such that users sharing the same access rights are not required to collaborate to extract the secret enciphering key. Third, our proposal is proven to provide efficient processing and communication overhead, compared to classical usage of attribute based encryption schemes. Sharing sensitive data between different involved actors is often an issue, due to the complexity of ac-Kaaniche, N. and Laurent, M. Attribute based Encryption for Multi-level Access Control Policies.