TY - GEN
T1 - Extending the ciphertext-policy attribute based encryption scheme for supporting flexible access control
AU - Lang, Bo
AU - Xu, Runhua
AU - Duan, Yawei
PY - 2013
Y1 - 2013
N2 - Ciphertext-Policy Attribute Based Encryption (CP-ABE) is recognized as an important data protection mechanism in cloud computing environment for its flexible, scalable and fine-grained access control features. For enhancing its security, efficiency and policy flexibility, researchers have proposed different schemes of CP-ABE which have different kinds of access policy structures. However, as far as we know, most of these structures only support AND, OR and threshold attribute operations. In order to achieve more effective data self-protection mechanisms in open environments such as Cloud computing, CP-ABE needs to support more flexible attribute based policies, most of which are described using operators of NOT, <, ≤, >, ≥. This paper proposed an Extended CP-ABE(ECP-ABE) scheme based on the existing CP-ABE scheme. The ECP-ABE scheme can express any access policy represented by arithmetic comparison and logical expressions that involve NOT, <, ≤, >, ≥ operators in addition to AND, OR and threshold operators. We prove the Chosen-plaintext Attack (CPA) security of our scheme under the Decisional Bilinear Diffie- Hellman (DBDH) assumption in the standard model, and also discuss the experimental results of the efficiency of ECP-ABE.
AB - Ciphertext-Policy Attribute Based Encryption (CP-ABE) is recognized as an important data protection mechanism in cloud computing environment for its flexible, scalable and fine-grained access control features. For enhancing its security, efficiency and policy flexibility, researchers have proposed different schemes of CP-ABE which have different kinds of access policy structures. However, as far as we know, most of these structures only support AND, OR and threshold attribute operations. In order to achieve more effective data self-protection mechanisms in open environments such as Cloud computing, CP-ABE needs to support more flexible attribute based policies, most of which are described using operators of NOT, <, ≤, >, ≥. This paper proposed an Extended CP-ABE(ECP-ABE) scheme based on the existing CP-ABE scheme. The ECP-ABE scheme can express any access policy represented by arithmetic comparison and logical expressions that involve NOT, <, ≤, >, ≥ operators in addition to AND, OR and threshold operators. We prove the Chosen-plaintext Attack (CPA) security of our scheme under the Decisional Bilinear Diffie- Hellman (DBDH) assumption in the standard model, and also discuss the experimental results of the efficiency of ECP-ABE.
KW - Attribute based access control
KW - Ciphertext-policy attribute based encryption (cp-abe)
KW - Cloud computing
KW - Extended cp-abe
UR - https://www.scopus.com/pages/publications/84887647585
M3 - 会议稿件
AN - SCOPUS:84887647585
SN - 9789898565730
T3 - ICETE 2013 - 10th International Joint Conference on E-Business and Telecommunications; SECRYPT 2013 - 10th International Conference on Security and Cryptography, Proceedings
SP - 147
EP - 157
BT - ICETE 2013 - 10th International Joint Conference on E-Business and Telecommunications; SECRYPT 2013 - 10th International Conference on Security and Cryptography, Proceedings
T2 - 10th International Conference on Security and Cryptography, SECRYPT 2013 - Part of 10th International Joint Conference on E-Business and Telecommunications, ICETE 2013
Y2 - 29 July 2013 through 31 July 2013
ER -