Revocable attribute-based access control in mutli-autority systems

Imine, Youcef; Lounis, Ahmed; Bouabdallah, Abdelmadjid

doi:10.1016/j.jnca.2018.08.008

Cited by 16 publications

(7 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [15,16], a user and attribute revocable access control scheme is proposed.The scheme supports the revocation of the user or the user's attributes, and the terminal members cannot access the original resources after revocation. At the same time, in the scheme, users can add or reduce attributes according to their own needs, and the amount of calculation is small in this process.…”

Section: Related Workmentioning

confidence: 99%

Dynamic permission access control model based on privacy protection

et al. 2022

View full text Add to dashboard Cite

Access control technology is one of the key technologies to ensure safe resource sharing. Identity authentication and authority distribution are two key technologies for access control technology to restrict unauthorized users from accessing resources and resources can only be accessed by authorized legal users. However, user privacy protection and frequent permission changes are two thorny issues that need to be solved urgently by access control technology. To deal with these problems, this paper proposes a dynamic access control technology based on privacy protection. Compared with existing access control technologies, the main advantages of this paper are as follows: 1) encrypt and hide the attributes of entities, and use attribute-based identity authentication technology for identity authentication, which not only achieves the purpose of traditional identity authentication, but also ensures the attributes and privacy of entities are not leaked; 2) Binding resource access permissions with entity attributes, dynamically assigning and adjusting resource access control permissions through changes in entity attributes, making resource access control more fine-grained and more flexible. Security proof and performance analysis show that the proposed protocol safe under the hardness assumption of the discrete logarithm problem (DLP) Dynamic permission access control model based on privacy protection and the decision bilinear Diffie-Hellman (DBDH) problem. Compared with the cited references, it has the advantages of low computational complexity, short computational time, and low communication overhead.

show abstract

Section: Related Workmentioning

confidence: 99%

Dynamic permission access control model based on privacy protection

et al. 2022

View full text Add to dashboard Cite

show abstract

“…But this scheme does not support attribute revocation. Imine et al [29] divided the access system into the public domain and the private domain, and introduced complementary sharing to realize attribute revocation in the public domain and user revocation in the private domain. But in this scheme, two ciphertext algorithms need to be constructed to deal with different revocation situations.…”

Section: ) User Revocationmentioning

confidence: 99%

Efficient Attribute-Based Encryption Outsourcing Scheme With User and Attribute Revocation for Fog-Enabled IoT

Zheng

Li³

2020

IEEE Access

View full text Add to dashboard Cite

With the rapid growth of Internet of Things (IoT) applications, fog computing enables the IoT to provide efficient services by extending the cloud computing paradigm to the edge of the network. However, the existing attribute-based encryption schemes rarely focus on user and attribute revocation in fog computing and most of them still impose high computational and storage overhead on resource-limited IoT devices. In this paper, we propose an efficient attribute-based encryption outsourcing scheme with user and attribute revocation for fog-enabled IoT. The proposed scheme improves the existing encryption scheme that uses the concept of attribute groups to achieve attribute revocation, making it suitable for fog computing and improving the efficiency of ciphertext update. In addition, it implements a novel method of user revocation in fog computing based on the characteristics of fog computing. In order to reduce the computing and storage burden of IoT devices, the heavy computation operations of encryption and decryption are outsourced to fog nodes and part of secret keys are stored in fog nodes. The security analysis shows that the proposed scheme is secure under the Decisional Bilinear Diffie-Hellman (DBDH) assumption. The performance analysis shows that the proposed scheme has high revocation efficiency and is efficient enough to be deployed in practical fog computing. INDEX TERMS Fog computing, attribute-based encryption, revocation, outsourcing, access control.

show abstract

“…However, in the time-based methodologies, the withdrawal is not instantly and the retracted users can still get into the data up to the next key generation phase, while proxy-key frameworks donot get to a fine-grained access and the users are not allowed to gain into their data if the proxy is not online. However, in 2018, Imine et al [Imine, Lounis and Bouabdallh (2018)] proposed a new and proficient withdrawal framework for dispersed attribute-based systems in order to solve these restrictions. Their proposed framework certifies changeable and fine-grained Access Control and averts security degradations.…”

Section: Security and Privacy Challenges In Access Control Big Datamentioning

confidence: 99%

“…Yet, this framework has some problems in the AC withdrawal, which is one of its main downsides. In 2018, Imine et al [Imine, Lounis and Bouabdallh (2018)] proposed a new methodology which implements revocation for disperse attribute-scheme for multi-authority systems, such as cloud-based systems in which DB are stored. Specifically, this scheme brings the following advantages: a) Rekeying is not needed because of the secret sharing of the revocation's allocation.…”

Section: Framework For Access Control Big Datamentioning

confidence: 99%

“…For instance, the CSBAC [Ashwin, Hong, Thomas et al (2017)] framework has a minimal overhead in order to prevent unauthorized users to misuse and abuse users' data, however the authors of this framework are planning to make the following two important enhancements in their framework: 1) advancing the theoretical methodology for assessing data sensitivity and 2) a deeper analysis performance of individual components. Moreover, the authors of the Revocable Attribute-based AC [Imine, Lounis and Bouabdallh (2018)] framework, would like to improve the cost efficiency for encryption and description on the components with very few resources, for instance they would like to experiment the feasibility of adding proxy servers in the system. Furthermore, since the Role and Access Based Data Segregator [Gupta, Pandhi, Bindu et al (2016)] is a conceptual model, the authors are planning to implement this model for Hadoop framework.…”

Section: Summary and Future Directionsmentioning

confidence: 99%

See 1 more Smart Citation

Security and Privacy Frameworks for Access Control Big Data Systems

Centonze¹

2019

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

In the security and privacy fields, Access Control (AC) systems are viewed as the fundamental aspects of networking security mechanisms. Enforcing AC becomes even more challenging when researchers and data analysts have to analyze complex and distributed Big Data (BD) processing cluster frameworks, which are adopted to manage yottabyte of unstructured sensitive data. For instance, Big Data systems' privacy and security restrictions are most likely to failure due to the malformed AC policy configurations. Furthermore, BD systems were initially developed toped to take care of some of the DB issues to address BD challenges and many of these dealt with the "three Vs" (Velocity, Volume, and Variety) attributes, without planning security consideration, which are considered to be patch work. Some of the BD "three Vs" characteristics, such as distributed computing, fragment, redundant data and node-to node communication, each with its own security challenges, complicate even more the applicability of AC in BD. This paper gives an overview of the latest security and privacy challenges in BD AC systems. Furthermore, it analyzes and compares some of the latest AC research frameworks to reduce privacy and security issues in distributed BD systems, which very few enforce AC in a cost-effective and in a timely manner. Moreover, this work discusses some of the future research methodologies and improvements for BD AC systems. This study is valuable asset for Artificial Intelligence (AI) researchers, DB developers and DB analysts who need the latest AC security and privacy research perspective before using and/or improving a current BD AC framework.

show abstract

Revocable attribute-based access control in mutli-autority systems

Cited by 16 publications

References 18 publications

Dynamic permission access control model based on privacy protection

Dynamic permission access control model based on privacy protection

Efficient Attribute-Based Encryption Outsourcing Scheme With User and Attribute Revocation for Fog-Enabled IoT

Security and Privacy Frameworks for Access Control Big Data Systems

Contact Info

Product

Resources

About