Journal
IEEE TRANSACTIONS ON SERVICES COMPUTING
Volume 15, Issue 6, Pages 3485-3498Publisher
IEEE COMPUTER SOC
DOI: 10.1109/TSC.2021.3096177
Keywords
Ciphertext-policy attribute-based encryption; cloud data sharing; privacy preserving; policy updating; policy hiding
Funding
- key project of Anhui provincial department of education [KJ2018A0031]
- National Natural Science Foundation of China [62072109, U1804263]
- AXA Research Fund
- Singapore National Research Foundation Cybersecurity RD Grant [NRF2018NCR-NSOE004-0001]
Ask authors/readers for more resources
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a powerful encryption paradigm for data confidentiality in cloud data sharing. However, the access policy in traditional CP-ABE reveals sensitive information. To address this, this article proposes a novel CP-ABE system called Privacy-Preserving Policy Updating ABE (3PU-ABE), which utilizes a security-enhanced Attribute Cuckoo Filter (se-ACF) to hide the access policy and enable policy updating.
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is one of the potent encryption paradigms in protecting data confidentiality in the cloud data sharing scenario. However, the access policy of the traditional CP-ABE is in plaintext form that reveals significant sensitive information of data owners and data visitors. To mitigate this problem, two approaches have been proposed in the literature. One is partially hidden, where the attributes in the access policy are divided into two parts: the plaintext attribute names and the hidden attribute values. The other approach fully hides the attributes in the access policy which, unfortunately, hinders efficient and correct decryption as well as dynamic policy-updating. In this article, we design a security-enhanced Attribute Cuckoo Filter (se-ACF) to hide the access policy and propose a new CP-ABE system, called Privacy-Preserving Policy Updating ABE (3PU-ABE), which effectively integrates policy hiding and policy updating. We conduct rigorous security analysis and performance evaluation of 3PU-ABE. The results indicate that 3PU-ABE completely hides the access policy without affecting the decryption, and entails better policy updating efficiency than similar works.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available