Owner Specified Excessive Access Control for Attribute Based Encryption
Attribute-based encryption (ABE) has emerged as a promising solution for access control to diverse set of users in cloud computing systems. Policy can just specify whether (or not) any specific user should be given access to data, but it lacks to provide data owner the privilege to specify (how much) fraction, or (which) specific chunk from that data to be accessed or decrypted. In this paper, we address this issue, and propose a scheme that will give data owner excessive access control, so that he can specify specific chunk out of total data to be accessed by user depending on his attributes. In our scheme, a data owner can encrypt data over attributes specified in a policy, but even if user’s attributes satisfy the policy; he can decrypt data (partially or fully) fractionally based on his attributes specified by owner. The owner can also prioritize user’s access based on his designation, or hierarchal role in a specific organization. We also address to resolve the issue of attributes repetition, due to which the cost of computations in encryption by owner and ciphertext size is reduced. Furthermore, we achieve it with a single ciphertext over policy for entire data, and proof our scheme to be secure in the generic group and random oracle model. Theoretical comparisons of computations with existing constructions, and performance of the scheme evaluated in the Charm simulator is reasonable enough to be adopted in practice.
- 원문이 없습니다.
유료 다운로드의 경우 해당 사이트의 정책에 따라 신규 회원가입, 로그인, 유료 구매 등이 필요할 수 있습니다. 해당 사이트에서 발생하는 귀하의 모든 정보활동은 NDSL의 서비스 정책과 무관합니다.
NDSL에서는 해당 원문을 복사서비스하고 있습니다. 위의 원문복사신청 또는 장바구니 담기를 통하여 원문복사서비스 이용이 가능합니다.
- 이 논문과 함께 출판된 논문 + 더보기