Accountable Authority Ciphertext-Policy Attribute-Based Encryption with White-Box Traceability and Public Auditing in th


1 Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240, China [email protected]
2 Shanghai Key Lab for Trustworthy Computing, East China Normal University, Shanghai 200062, China {dongxiaolei,zfcao}@sei.ecnu.edu.cn
3 College of Information Technology, Shanghai Ocean University, Shanghai 201306, China [email protected]

Abstract. As a sophisticated mechanism for secure fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) is a highly promising solution for commercial applications such as cloud computing. However, one major issue still awaits a solution: the prevention of key abuse. Most existing CP-ABE systems lack this critical functionality, which has hindered the wide utilization and commercial application of CP-ABE systems to date. In this paper, we address two practical problems of key abuse in CP-ABE: (1) the key escrow problem of the semi-trusted authority; and (2) the malicious key delegation problem of the users. For the semi-trusted authority, its misbehavior (i.e., illegal key (re-)distribution) should be caught and prosecuted. For a user, his/her malicious behavior (i.e., illegal key sharing) needs to be traced. We affirmatively solve these two key abuse problems by proposing the first accountable authority CP-ABE with white-box traceability that supports policies expressed in any monotone access structures. Moreover, we provide an auditor to judge publicly whether a suspected user is guilty or is framed by the authority.

Keywords: Attribute-based encryption · Ciphertext-policy · Key abuse · White-box traceability · Public auditing

© Springer International Publishing Switzerland 2015. G. Pernul et al. (Eds.): ESORICS 2015, Part II, LNCS 9327, pp. 270–289, 2015. DOI: 10.1007/978-3-319-24177-7_14

1 Introduction

As a new and exciting commercial paradigm, cloud computing has attracted much attention from both the industrial and academic worlds. Owing to the advantages of cloud computing, plenty of enterprises and individuals can share and outsource their data to cloud servers instead of building and maintaining data centers of their own, and they or other authorized users can access the outsourced data anywhere and anytime [1]. Despite the many benefits provided by cloud computing, concerns about data security are probably the main obstacle hindering the wide usage of cloud services. To address these concerns, enterprises and individuals encrypt their data before outsourcing it. Nevertheless, in some practical applications of cloud computing, data is often shared with potential users without knowing who will receive it, so fine-grained access control over the data is desired. Attribute-Based Encryption (ABE, [13]) is a promising approach to protect the confidentiality of sensitive data and express fine-grained access control for cloud computing. In a CP-ABE system, enterprises and individuals can specify access p