i-manager Publications

Improving Security and Efficiency in Attribute Based Data Sharing using Cloud

Rohan Shendkar*, Monika Rokade**, Saurabh Kshirsagar***, Sharayu Kotkar****

*-****Indira College of Engineering and Management, Parandwadi, Pune, India.

Periodicity:July - September'2021
DOI : https://doi.org/10.26634/jse.16.1.13990

Abstract

Attribute-based encryption of cipher text policies seems promising in terms of securing cloud data sharing since the data owner has complete control over the access policy. However, CP-ABE has a key escrow issue, in which users' secret keys must be issued by a trusted key authority. Attributes with arbitrary states are not supported by CP-ABE systems. As a result, it explores attribute-based data sharing to address the key escrow issue while simultaneously improving the expressiveness of attributes, resulting in a technique that is more amenable to cloud computing applications. The proposed two-party key issuance mechanism, ensures that neither the key authority nor the cloud service provider can compromise a user's entire secret key. Furthermore, it offers the concept of an attribute with weight, which is used to improve the expression of an attribute and cannot only extend the expression from binary to arbitrary states but also reduce the complexity of access policies.

Keywords

Secure Data Sharing, Attribute-Based Encryption, Removing Escrow, Weighted Attribute, Cloud Computing.

How to Cite this Article?

Shendkar, R., Rokade, M., Kshirsagar, S. and Kotkar, S. (2021). Improving Security and Efficiency in Attribute-Based Data Sharing using Cloud. i-manager's Journal on Software Engineering, 16(1), 15-22. https://doi.org/10.26634/jse.16.1.13990

References

[1]. Atallah, M. J., & Li, J. (2005). Secure outsourcing of sequence comparisons. International Journal of Information Security, 4(4), 277-287.

[2]. Atallah, M. J., Pantazopoulos, K. N., Rice, J. R., & Spafford, E. E. (2002). Secure outsourcing of scientific computations. In Advances in Computers (Vol. 54, pp. 215-272). Elsevier.

[3]. Beimel, A. (1996). Secure schemes for secret sharing and key distribution (Doctorial Dissertation). Technion-Israel Institute of Technology, Haifa, Israel.

[4]. Bell, D. E., & La Padula, L. J. (1976). Secure Computer System: Unified Exposition and Multics Interpretation. The MITRE Corporation, Bedford, Massachusetts (pp.1-134).

[5]. Benjamin, D., & Atallah, M. J. (2008, October). Private and cheating-free outsourcing of algebraic computations. In 2008, Sixth Annual Conference on Privacy, Security and Trust (pp. 240-245). IEEE.

[6]. Bethencourt, J., Sahai, A., & Waters, B. (2007, May). Ciphertext-policy attribute-based encryption. In 2007, IEEE Symposium on Security and Privacy (SP'07) (pp. 321-334). IEEE.

[7]. Boldyreva, A., Goyal, V., & Kumar, V. (2008, October). Identity-based encryption with efficient revocation. In Proceedings of the 15th ACM Conference on Computer and Communications Security (pp. 417-426).

[8]. Chase, M., & Chow, S. S. (2009, November). Improving privacy and security in multi-authority attribute-based encryption. In Proceedings of the 16th ACM Conference on Computer and Communications Security (pp. 121-130).

[9]. Cheung, L., & Newport, C. (2007, October). Provably secure ciphertext policy ABE. In Proceedings of the 14th ACM Conference on Computer and Communications Security (pp. 456-465).

[10]. Chow, S. S. (2009, March). Removing escrow from identity-based encryption. In International Workshop on Public Key Cryptography (pp. 256-276). Springer, Berlin, Heidelberg.

[11]. Goyal, V., Jain, A., Pandey, O., & Sahai, A. (2008, July). Bounded ciphertext policy attribute based encryption. In International Colloquium on Automata, Languages, and Programming (pp. 579-591). Springer, Berlin, Heidelberg.

[12]. Goyal, V., Pandey, O., Sahai, A., & Waters, B. (2006, October). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security (pp. 89-98).

[13]. Lewko, A., Sahai, A., & Waters, B. (2010, May). Revocation systems with very small private keys. In 2010, IEEE Symposium on Security and Privacy (pp. 273-285). IEEE.

[14]. Li, J., Li, N., & Winsborough, W. H. (2005, November). Automated trust negotiation using cryptographic credentials. In Proceedings of the 12th ACM Conference on Computer and Communications Security (pp. 46-57).

[15]. Li, P., Li, J., Huang, Z., Li, T., Gao, C. Z., Yiu, S. M., & Chen, K. (2017). Multi-key privacy-preserving deep learning in cloud computing. Future Generation Computer Systems, 74, 76-85.

[16]. Liang, X., Cao, Z., Lin, H., & Xing, D. (2009, March). Provably secure and efficient bounded ciphertext policy attribute based encryption. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (pp. 343-352).