Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage

Li, Jiguo; Shi, Yuerong; Zhang, Yichen

doi:10.1002/dac.2942

Cited by 123 publications

(55 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several other access control models derivated from the CP-ABE scheme have been proposed in the literature. 34,[62][63][64][65][66][67][68][69][70][71][72][73] To achieve a more fine-grained access control mechanism in the cloud storage services and to protect the privacy and security of the data stored in the cloud, Wang et al 74 proposed to combine the hierarchical identity-based encryption 75 and CP-ABE, the so-called HABE. Wan et al 76 extended the work of Bobba et al 61 and designed the hierarchical attribute-set-based encryption for more flexible and scalable access control in cloud computing.…”

Section: Attribute-based Encryptionmentioning

confidence: 99%

A survey on access control mechanisms for cloud computing

Sibai

Gemayel

Abdo

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Cloud computing is an Internet‐based computing where the information technology resources are provided to end users following their request. With this technology, users and businesses can access programs, storage, and application development platforms through the Internet and via the services offered by the cloud service providers (CSPs). One of the biggest obstructions in the cloud computing environment is data security. Actually, the data are dispersed across multiple machines and storage devices such as servers, computers, and various mobile devices. The uncontrolled access to these resources and data leads to many important data security risks for the end users. In this way, and in order to ensure the reliability of the cloud and the trust of the users regarding this environment, controlling access to data and resources as well as protecting and ensuring their security becomes a critical task for CSPs. In this work, we present a comprehensive review of existing access control mechanisms used in the cloud computing environment. The advantages and disadvantages of each of these models are discussed and presented along with their analysis. Also, we study the cloud requirements of these models, and we evaluate existing control mechanisms against these requirements.

show abstract

Section: Attribute-based Encryptionmentioning

confidence: 99%

A survey on access control mechanisms for cloud computing

Sibai

Gemayel

Abdo

et al. 2019

Trans Emerging Tel Tech

View full text Add to dashboard Cite

show abstract

“…Unlike in asymmetric settings, securely encapsulating a single keyword/index is nearly trivial in symmetric settings. In these schemes and subsequent work [8][9][10][11], researchers focus on how to handle full text indices and try to improve efficiency. Another line of work uses deterministic encryption [8,12].…”

Section: Related Workmentioning

confidence: 99%

“…Starting with the work of Boneh et al [13][14][15], searchable encryption has also been considered in the public key setting [10,[16][17][18][19]. The early works lack function privacy until the first definition was suggested very recently by Boneh et al [20].…”

Section: Related Workmentioning

confidence: 99%

Efficient Asymmetric Index Encapsulation Scheme for Anonymous Content Centric Networking

Ma¹,

Cao²,

Wang³

2017

Security and Communication Networks

View full text Add to dashboard Cite

Content Centric Networking (CCN) is an effective communication paradigm that well matches the features of wireless environments. To be considered a viable candidate in the emerging wireless networks, despite the clear benefits of locationindependent security, CCN must at least have parity with existing solutions for confidential and anonymous communication. This paper designs a new cryptographic scheme, called Asymmetric Index Encapsulation (AIE), that enables the router to test whether an encapsulated header matches the token without learning anything else about both of them. We suggest using the AIE as the core protocol of anonymous Content Centric Networking. A construction of AIE which strikes a balance between efficiency and security is given. The scheme is proved to be secure based on the DBDH assumption in the random oracle with tight reduction, while the encapsulated header and the token in our system consist of only three elements.

show abstract

“…The risk of unauthorized access to the cloud data increases dramatically. Another solution called proof of retrievability [12][13][14][15][16] utilized error correcting coding technique to recover the damaged data. Remote data possession auditing is a solution to guarantee the availability and integrity of data outsourced to the cloud.…”

mentioning

confidence: 99%

“…To reduce the computation and communication cost, these schemes utilize the sampling technique combined with homomorphic verification instead of the whole-file retrieval verification. Another solution called proof of retrievability [12][13][14][15][16] utilized error correcting coding technique to recover the damaged data. Most previous schemes only verify the data correctness without error identification, localization, and correction.…”

mentioning

confidence: 99%

Parallel checking of content integrity in multi‐cloud storage of heterogeneous sensor systems

Mao

Chen

Yan

et al. 2016

Int J Communication

View full text Add to dashboard Cite

Heterogeneous sensor systems collect a large amount of sensor data. Because of limited processing capability of sensor nodes, such data are typically stored and processed in a centralized environment in the cloud. However, when data are managed and processed by multiple cloud servers, users do not physically possess these data. The risk of unauthorized access to the cloud data increases dramatically. Therefore, enforcing the integrity of the outsourced data remotely becomes a challenge in the heterogeneous sensor system. Remote data possession auditing is a solution to guarantee the availability and integrity of data outsourced to the cloud. Most existing solutions only target at a single cloud service provider (CSP) environment without considering the multi-cloud scenario. How to audit the data possession among the distributed CSP servers effectively becomes a major concern. In this paper, we propose a parallel cloud data possession checking scheme for the multi-cloud environment. Our approach utilizes the homomorphic verification tag created by the Paillier cryptosystem to support unlimited query challenges and introduces the error-correction encoding method to ensure error localization and data correction. We prototype our solution and analyze the scheme comprehensively. Our evaluation results demonstrate the efficiency and security of our method. It also supports simultaneous verification of multiple CSPs. Figure 1. Overall architecture of heterogeneous sensor system.As another example, heterogeneous sensors are also used in earthquake or volcano monitoring, where different types of sensors, including temperature and acceleration, are used to obtain environmental data that are processed in cloud servers [5]. When such systems are integrated with cloud-storage infrastructure, users lose the physical possession of the out-sourced data. There is a dramatic increase in the potential risk in unauthorized access to the data, such as the incident in the S3 service of Amazon [6]. We will present the generalized architecture in Section 3.Intuitively, to ensure that data are stored correctly, we can verify data using general cryptographicbased approaches, for example, hash functions and digital signature schemes. Deswarte et al. [7,8] first make use of the RSA signature scheme combined with hash functions to verify the correctness of outsourced files. However, such a verification scheme needs to access or retrieve the whole outsourced data, which will cause high performance overhead (e.g., computation complexity and communication cost).The work of [9, 10], and [11] proposed the provable data possession model. To reduce the computation and communication cost, these schemes utilize the sampling technique combined with homomorphic verification instead of the whole-file retrieval verification. The approach proposed by Ateniese et al. [9] supports public data possession audit with unbounded times of challenge. Most previous schemes only verify the data correctness without error identification, localization, and correction. ...

show abstract

Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage

Cited by 123 publications

References 38 publications

A survey on access control mechanisms for cloud computing

A survey on access control mechanisms for cloud computing

Efficient Asymmetric Index Encapsulation Scheme for Anonymous Content Centric Networking

Parallel checking of content integrity in multi‐cloud storage of heterogeneous sensor systems

Contact Info

Product

Resources

About