当前位置: X-MOL 学术Cluster Comput. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
PMTER-ABE: a practical multi-authority CP-ABE with traceability, revocation and outsourcing decryption for secure access control in cloud systems
Cluster Computing ( IF 3.6 ) Pub Date : 2021-01-01 , DOI: 10.1007/s10586-020-03202-2
Kamalakanta Sethi , Ankit Pradhan , Padmalochan Bera

Attribute-based encryption (ABE) has evolved as an efficient and secure method for storage of data with fine-grained access control in cloud platforms. In recent years, increasing diversification in the design of ABE schemes has led to significant research in the assimilation of properties like traceability, revocation, and outsourcing decryption. However, most of the recent ABE schemes incorporate few of these properties and hence lack in robustness to adapt with varying demands of cloud systems. In modern ABE designs, the notions of forward and backward secrecy have been introduced to accommodate the delegation of a large number of heterogeneous users in the system. In general, these features are realized under the concept of user revocation. On the other hand, to control malicious users in the system, it is necessary to implement traceability in integration with user revocation. Finally, for resource-constrained users, outsourcing decryption to proxy servers is a viable option. Thus, we propose PMTER-ABE, a practical decentralized multi-authority traceable and efficiently revocable attribute-based cryptosystem with outsourcing decryption advantage. The key features of our cryptosystem are (i) incorporating large attribute universe with highly expressive policies, (ii) integrating forward and backward secrecy under user revocation, (iii) implementing white-box traceability to detect malicious users, and (iv) outsourcing decryption to reduce the computational overhead of decryption on users. We present the formal proofs for correctness, security, and traceability of PMTER-ABE along with performance analysis. The efficiency and usability of PMTER-ABE is shown with practical implementation and experimental results.



中文翻译:

PMTER-ABE:实用的多权限CP-ABE,具有可追溯性,吊销和外包解密功能,用于云系统中的安全访问控制

基于属性的加密(ABE)已经发展成为一种高效且安全的方法,用于在云平台中使用细粒度的访问控制来存储数据。近年来,随着ABE方案设计的日益多样化,已经对同化诸如可追溯性,吊销和外包解密之类的特性进行了大量研究。但是,大多数最新的ABE方案都很少包含这些属性,因此缺乏适应云系统变化需求的鲁棒性。在现代的ABE设计中,引入了前向和后向保密性的概念,以适应系统中大量异构用户的委派。通常,这些功能是在用户撤销的概念下实现的。另一方面,要控制系统中的恶意用户,与用户撤销集成时,必须实现可跟踪性。最后,对于资源受限的用户,将解密外包给代理服务器是一个可行的选择。因此,我们提出了PMTER-ABE,这是一种实用的分散多机构可追踪且可有效撤消的基于属性的密码系统,具有外包解密的优势。我们的密码系统的关键特征是(i)将大型属性Universe与高表现力策略相结合;(ii)在用户吊销下集成向前和向后保密;(iii)实现白盒可追溯性以检测恶意用户;以及(iv)外包解密减少用户解密的计算开销。我们提供PMTER-ABE正确性,安全性和可追溯性的正式证明,以及性能分析。

更新日期:2021-01-01
down
wechat
bug