当前位置:
X-MOL 学术
›
IEEE Trans. Cloud Comput.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Efficient Decentralized Attribute Based Access Control for Mobile Clouds
IEEE Transactions on Cloud Computing ( IF 6.5 ) Pub Date : 2020-01-01 , DOI: 10.1109/tcc.2017.2754255 Sourya Joyee De , Sushmita Ruj
IEEE Transactions on Cloud Computing ( IF 6.5 ) Pub Date : 2020-01-01 , DOI: 10.1109/tcc.2017.2754255 Sourya Joyee De , Sushmita Ruj
Fine grained access control is a requirement for data stored in untrusted servers like clouds. Owing to the large volume of data, decentralized key management schemes are preferred over centralized ones. Often encryption and decryption are quite expensive and not practical when users access data from resource constrained devices. We propose a decentralized attribute based encryption (ABE) scheme with fast encryption, outsourced decryption and user revocation. Our scheme is very specific to the context of mobile cloud as the storage of encrypted data and the partial decryption of ciphertexts are dependent on the cloud and users with mobile devices can upload data to the cloud or access data from it by incurring very little cost for encryption and decryption respectively. The main idea is to divide the encryption into two phases, offline preprocessing phase which is done when the device is otherwise not in use and an online phase when the data is actually encrypted with the policy. This makes encryption faster and more efficient than existing decentralized ABE schemes. For decryption outsourcing, data users need to generate a transformed version of the decryption key allowing an untrusted proxy server to partially decrypt the ciphertext without gaining any information about the plaintext. Data users can then fully decrypt the partially decrypted ciphertext without performing any costly pairing operations. We also introduce user revocation in this scheme without incurring too much additional cost in the online phase. Comparison with other ABE schemes shows that our scheme significantly reduces computation times for both data owners and data users and highly suitable for use in mobile devices.
中文翻译:
移动云的高效去中心化属性访问控制
细粒度访问控制是存储在不受信任的服务器(如云)中的数据的要求。由于数据量大,分散式密钥管理方案优于集中式密钥管理方案。当用户从资源受限的设备访问数据时,加密和解密通常非常昂贵且不切实际。我们提出了一种具有快速加密、外包解密和用户撤销的去中心化基于属性的加密(ABE)方案。我们的方案非常适用于移动云环境,因为加密数据的存储和密文的部分解密都依赖于云,拥有移动设备的用户可以将数据上传到云或从云中访问数据,只需支付很少的成本分别加密和解密。主要思想是将加密分为两个阶段,离线预处理阶段在设备未使用时完成,在线阶段在数据实际使用策略加密时完成。这使得加密比现有的去中心化 ABE 方案更快、更有效。对于解密外包,数据用户需要生成解密密钥的转换版本,允许不受信任的代理服务器部分解密密文,而无需获得有关明文的任何信息。然后,数据用户可以完全解密部分解密的密文,而无需执行任何昂贵的配对操作。我们还在该方案中引入了用户撤销,而不会在在线阶段产生过多的额外成本。
更新日期:2020-01-01
中文翻译:
移动云的高效去中心化属性访问控制
细粒度访问控制是存储在不受信任的服务器(如云)中的数据的要求。由于数据量大,分散式密钥管理方案优于集中式密钥管理方案。当用户从资源受限的设备访问数据时,加密和解密通常非常昂贵且不切实际。我们提出了一种具有快速加密、外包解密和用户撤销的去中心化基于属性的加密(ABE)方案。我们的方案非常适用于移动云环境,因为加密数据的存储和密文的部分解密都依赖于云,拥有移动设备的用户可以将数据上传到云或从云中访问数据,只需支付很少的成本分别加密和解密。主要思想是将加密分为两个阶段,离线预处理阶段在设备未使用时完成,在线阶段在数据实际使用策略加密时完成。这使得加密比现有的去中心化 ABE 方案更快、更有效。对于解密外包,数据用户需要生成解密密钥的转换版本,允许不受信任的代理服务器部分解密密文,而无需获得有关明文的任何信息。然后,数据用户可以完全解密部分解密的密文,而无需执行任何昂贵的配对操作。我们还在该方案中引入了用户撤销,而不会在在线阶段产生过多的额外成本。
京公网安备 11010802027423号