DocumentCode :
568473
Title :
Dynamic User Revocation and Key Refreshing for Attribute-Based Encryption in Cloud Storage
Author :
Xu, Zhiqian ; Martin, Keith M.
Author_Institution :
Inf. Security Group, R. Holloway, Univ. of London, London, UK
fYear :
2012
fDate :
25-27 June 2012
Firstpage :
844
Lastpage :
849
Abstract :
Cloud storage provides the potential for on-demand massive data storage, but its highly dynamic and heterogeneous environment presents significant data protection challenges. Ciphertext-policy attribute-based encryption (CP-ABE) enables fine-grained access control. However, important issues such as efficient user revocation and key refreshing are not straightforward, which constrains the adoption of CP-ABE in cloud storage systems. In this paper we propose a dynamic user revocation and key refreshing model for CP-ABE schemes. A key feature of our model is its generic possibility in general CP-ABE schemes to refresh the system keys or remove the access from a user without issuing new keys to other users or re-encrypting existing ciphertexts. Our model is efficient and suitable for application in cloud storage environments. As an example, we use BSW's CP-ABE scheme to show the adaptation of our model to a CP-ABE scheme.
Keywords :
authorisation; cloud computing; cryptography; storage management; virtualisation; BSW CP-ABE scheme; ciphertext-policy attribute-based encryption; cloud computing technology; cloud storage systems; data protection challenges; dynamic user revocation; fine-grained access control; key refreshing; on-demand massive data storage; storage virtualization; Adaptation models; Cloud computing; Data models; Encryption; Permission; CP-ABE; cloud storage; key refreshing; user revocation
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on
Conference_Location :
Liverpool
Print_ISBN :
978-1-4673-2172-3
Type :
conf
DOI :
10.1109/TrustCom.2012.136
Filename :
6296058