Revocation Basis and Proofs Access Control for Cloud Storage Multi-Authority Systems

Multi-Authority Ciphertext-Policy Attribute-Based Encryption (MA-CP-ABE) is a rising cryptographic primitive for implementing fine-grained attribute-based access control on the outsourced data in cloud storage. However, most of the previous multi-authority attribute-based systems area unit either proved to be secure in a very weak model or lack of potency in user revocation. In this paper, we have introduced the formal definition of the attributes' trust. Also, a new Revocation Basis and Proofs Access Control (RB-PAC) model for cloud storage multi-authority systems has been proposed. Our RB-PAC model ensures secure resource sharing among potential untrusted tenants, supports different access permissions to the same user at the same session, and effectively satisfies both the backward and forward secrecy security requirements. Also, RB-PAC is proven secure against the users' collusion attack. Finally, The experimental results have indicated through the trust dynamics that the trust level for each user is decaying over time. The decryption overhead is largely eliminated and not related to the number of system authorities. Also, a low overhead and short ciphertext update time at different numbers of revoked attributes and revoked users has been achieved.