DACPCC: A Data Access Control Scheme with Access Permission for Cloud Computing

被引：0

作者：

Wang Y.-D. ^{[1
]}

Yang J.-H. ^{[1
]}

机构：

[1] Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing

来源：

Yang, Jia-Hai (yang@cernet.edu.cn) | 2018年 / Chinese Institute of Electronics卷 / 46期

关键词：

Access control; Access permission; Attribute revocation; Cloud computing; CP-ABE;

D O I：

10.3969/j.issn.0372-2112.2018.01.033

中图分类号：

学科分类号：

摘要：

Currently, the most common encryption scheme of cloud computing access control system is CP-ABE, but the conventional CP-ABE encryption did not deal with the issue of user's access permission; data owners only allow the users to read the data but not to write, such kind of coarse access control mechanism is not flexible and low efficiency. To deal with this issue, the paper proposes a Data Access Control scheme with access Permission for Cloud Computing (DACPCC), it sets permission control keys to encrypt the data in cloud based on CP-ABE; the data owner controls the data's access permission by choosing the permission control keys. The paper illustrates the design details of the proposed scheme, then theoretically proves the security and evaluates the performance through simulated experiments; the results show that DACPCC allows the data owners to control the access permission of the data, and it is safe and more efficient. © 2018, Chinese Institute of Electronics. All right reserved.

引用

页码：236 / 244

页数：8

共 20 条

[1] Wang Y.D., Yang J.H., Xu C., Ling X., Yang Y., Survey on access control technologies for cloud computing, Journal of Software, 26, 5, pp. 1129-1150, (2015)
[2] Feng C., Qin Z., Yuan D., Et al., Key techniques access control for cloud computing, Acta Electronica Sinica, 42, 2, pp. 312-319, (2015)
[3] Sahai A., Waters B., Fuzzy identity-based encryption, Advances in Cryptology-EUROCRYPT 2005, pp. 457-473, (2005)
[4] Bethencourt J., Sahai A., Waters B., Ciphertext-Policy attribute-based encryption, Proc of the 2007 IEEE Symp on Security and Privacy, pp. 321-334, (2007)
[5] Li F.H., Su M., Shi G.Z., Ma J.F., Research status and development trends of access control model, Acta Electronica Sinica, 40, 4, pp. 805-813, (2012)
[6] Yu N.H., Hao Z., Et al., Review of cloud computing security, Acta Electronica Sinica, 41, 2, pp. 371-381, (2013)
[7] Goyal V., Jain A., Pandey O., Sahai A., Bounded ciphertext policy attribute based encryption, Proc of the ICALP 2008, pp. 579-591, (2008)
[8] Liang X.H., Cao Z.F., Lin H., Xing D.S., Provably secure and efficient bounded ciphertext policy attribute based encryption, Proc of the ASIAN ACM Symp. on Information, Computer and Communications Security (ASIACCS 2009), pp. 343-352, (2009)
[9] Liu X., Ma J., Xiong J., Et al., Ciphertext-policy hierarchical attribute-based encryption for fine-grained access control of encryption Data, International Journal of Network Security, 16, 4, pp. 351-357, (2014)
[10] Wan Z., Liu J., Deng R.H., HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing, Information Forensics and Security, IEEE Transactions, 7, 2, pp. 743-754, (2012)

← 1 2 →