Fine-grained user access control in ciphertext-policy attribute-based encryption

Junbeom Hur, Chanil Park, Seong Oun Hwang

Research output: Contribution to journal (Article)

7 Citations (Scopus)

Abstract

Key revocation is one of the most challenging and open issues in attribute-based encryption (ABE). The previous revocable ABE schemes feature a mechanism that revokes the attribute key periodically without any consideration of the user membership associated with the attribute. Thus, non-revoked users are forced to access the key authority periodically to receive keying materials in order to update the current key. This is due to the fact that the revocation is done only on the attribute level, which results in security and scalability problems. In this paper, we propose a fine-grained user revocation scheme without affecting any non-revoked users who share the same attributes in ciphertext-policy ABE; it does not require the users to access the key authority and to update keys periodically. The proposed scheme improves the efficiency compared with previous revocable schemes and enhances the security in terms of the backward/forward secrecy on any membership changes in the ciphertext-policy ABE system.

Original language: English
Pages (from-to): 253-261
Number of pages: 9
Journal: Security and Communication Networks
Volume: 5
Issue number: 3
DOI: 10.1002/sec.345
Publication status: Published - 2012 Jan 1
Externally published: Yes

Fingerprint

Access control
Cryptography
Scalability

Keywords

  • Access control
  • Attribute-based encryption
  • Ciphertext-policy
  • Cryptography
  • Revocation

ASJC Scopus subject areas

  • Information Systems
  • Computer Networks and Communications

Cite this

Fine-grained user access control in ciphertext-policy attribute-based encryption. / Hur, Junbeom; Park, Chanil; Hwang, Seong Oun.

In: Security and Communication Networks, Vol. 5, No. 3, 01.01.2012, p. 253-261.

@article{e1d9f0d018d7420da3a3acdc5a56d5cd,
title = "Fine-grained user access control in ciphertext-policy attribute-based encryption",
keywords = "Access control, Attribute-based encryption, Ciphertext-policy, Cryptography, Revocation",
author = "Junbeom Hur and Chanil Park and Hwang, {Seong Oun}",
year = "2012",
month = "1",
day = "1",
doi = "10.1002/sec.345",
language = "English",
volume = "5",
pages = "253--261",
journal = "Security and Communication Networks",
issn = "1939-0122",
publisher = "John Wiley and Sons Inc.",
number = "3",

}

TY - JOUR

T1 - Fine-grained user access control in ciphertext-policy attribute-based encryption

AU - Hur, Junbeom

AU - Park, Chanil

AU - Hwang, Seong Oun

PY - 2012/1/1

Y1 - 2012/1/1

KW - Access control

KW - Attribute-based encryption

KW - Ciphertext-policy

KW - Cryptography

KW - Revocation

UR - http://www.scopus.com/inward/record.url?scp=84857466096&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84857466096&partnerID=8YFLogxK

U2 - 10.1002/sec.345

DO - 10.1002/sec.345

M3 - Article

AN - SCOPUS:84857466096

VL - 5

SP - 253

EP - 261

JO - Security and Communication Networks

JF - Security and Communication Networks

SN - 1939-0122

IS - 3

ER -