TY - GEN
T1 - Multi-authority attribute-based encryption supporting hierarchal access policy and range policy
AU - Xu, Yuexiang
AU - Dong, Xiaolei
AU - Shen, Jiachen
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/8
Y1 - 2020/8
N2 - Attribute-based encryption (ABE) is an appropriate technique to solve the problems of data sharing in cloud computing for the reason it can offer fine-grained access control. A large amount of data usually has a hierarchal structure, which can be leveraged to improve the efficiency of ABE. For some attributes which have numerical values, it is common to make a policy to determine if a certain number is in a given range. However, it is inefficient to trivially make an OR gate consisting of all the values in the range. Moreover, as cloud computing becomes more and more widely used, ABE with single authority is no longer applicable. Thus, a multi-authority ABE scheme supporting range policy is proposed. In the proposed scheme, there is one trusted central authority and multiple attribute authorities that manage different attribute domains. The shared data can be encrypted with an integrated access policy to save storage overhead and encryption and decryption time. Extension to range policy is realized by using classic segment tree. In addition, we prove our scheme is secure against CPA under standard model and analyze the efficiency of our scheme in comparison.
AB - Attribute-based encryption (ABE) is an appropriate technique to solve the problems of data sharing in cloud computing for the reason it can offer fine-grained access control. A large amount of data usually has a hierarchal structure, which can be leveraged to improve the efficiency of ABE. For some attributes which have numerical values, it is common to make a policy to determine if a certain number is in a given range. However, it is inefficient to trivially make an OR gate consisting of all the values in the range. Moreover, as cloud computing becomes more and more widely used, ABE with single authority is no longer applicable. Thus, a multi-authority ABE scheme supporting range policy is proposed. In the proposed scheme, there is one trusted central authority and multiple attribute authorities that manage different attribute domains. The shared data can be encrypted with an integrated access policy to save storage overhead and encryption and decryption time. Extension to range policy is realized by using classic segment tree. In addition, we prove our scheme is secure against CPA under standard model and analyze the efficiency of our scheme in comparison.
KW - Attribute-based Encryption
KW - cloud computing
KW - hierarchal access structure
KW - range policy
UR - https://www.scopus.com/pages/publications/85096596233
U2 - 10.1109/CCNS50731.2020.00026
DO - 10.1109/CCNS50731.2020.00026
M3 - 会议稿件
AN - SCOPUS:85096596233
T3 - Proceedings - 2020 International Conference on Computer Communication and Network Security, CCNS 2020
SP - 81
EP - 86
BT - Proceedings - 2020 International Conference on Computer Communication and Network Security, CCNS 2020
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2020 International Conference on Computer Communication and Network Security, CCNS 2020
Y2 - 21 August 2020 through 23 August 2020
ER -