4.7 Article

Revocable Identity-Based Access Control for Big Data with Verifiable outsourced Computing

Journal

IEEE TRANSACTIONS ON BIG DATA
Volume 8, Issue 1, Pages 1-13

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TBDATA.2017.2697448

Keywords

Access control; big data; identity-based signcryption; revocation; verifiable outsourced computing

Funding

  1. National Science Foundation of China [61370026]
  2. National High Technology Research and Development Program of China [2015AA016007]
  3. Sichuan Key Technology Support Program [2014GZ0106]
  4. Science and Technology Project of Guangdong Province [2016A010101002]
  5. Fundamental Research Funds for the Central Universities [ZYGX2016J091]

Ask authors/readers for more resources

The paper presents an identity-based signcryption scheme with efficient revocation and the ability to outsource unsigncryption, enabling secure big data communications. The scheme achieves end-to-end confidentiality, authentication, non-repudiation, and integrity, while providing scalable revocation functionality.
To be able to leverage big data to achieve enhanced strategic insight, process optimization and make informed decision, we need to be an efficient access control mechanism for ensuring end-to-end security of such information asset. Signcryption is one of several promising techniques to simultaneously achieve big data confidentiality and authenticity. However, signcryption suffers from the limitation of not being able to revoke users from a large-scale system efficiently. We put forward, in this paper, the first identity-based (ID-based) signcryption scheme with efficient revocation as well as the feature to outsource unsigncryption to enable secure big data communications between data collectors and data analytical system(s). Our scheme is designed to achieve end-to-end confidentiality, authentication, non-repudiation, and integrity simultaneously, while providing scalable revocation functionality such that the overhead demanded by the private key generator (PKG) in the key-update phase only increases logarithmically based on the cardiality of users. Although in our scheme the majority of the unsigncryption tasks are outsourced to an untrusted cloud server, this approach does not affect the security of the proposed scheme. We then prove the security of our scheme, as well as demonstrating its utility using simulations.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.7
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available