Skip to main content

MPLDS: An integration of CP-ABE and local differential privacy for achieving multiple privacy levels data sharing

Abstract

In ciphertext-policy attribute-based encryption (CP-ABE), once malicious users successfully decrypt the encrypted data, they can obtain the real original personal privacy data, leading to serious privacy leakages problems. Thus, if the user does not access the original private data but the perturbed data while guaranteeing statistical characteristics, the privacy protection capabilities of CP-ABE will be greatly improved. Motivated by this, an integration of basic CP-ABE and local differential privacy (LDP) or achieving multiple privacy levels data sharing (MPLDS) is constructed to provide double privacy protection for data owners, which is with a relatively lower complexity and higher data utility. To prevent different trusted users from colluding and gaining more privacy beyond their trust levels, a randomized perturbation strategy is elaborately designed for resisting collusion attacks (RCA) while ensuring the fact that the output of RCA perturbation strategy is the same as that of the original perturbation, which has been proved from the theoretical level. Finally, the proposed MPLDS scheme is simulated and verified on both synthetic and real data sets, which indicates that the proposed MPLDS scheme outperforms the existing MPPDS scheme while greatly reducing the complexity.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Notes

  1. 1.

    Basic CP-ABE is relative to hierarchical CP-ABE, that is, the basic CP-ABE is non-hierarchical access tree structure.

  2. 2.

    Semantic security under chosen-plaintext attack (CPA) is modelled by an IND-sAtt-CPA game.

References

  1. 1.

    Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221

    Article  Google Scholar 

  2. 2.

    Rao YS (2017) A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing. Futur Gener Comput Syst 67:133–151

    Article  Google Scholar 

  3. 3.

    Zhang Y, Zheng D, Deng RH (2018) Security and privacy in smart health: Efficient policy-hiding attribute-based access control. IEEE Internet Things J 5(3):2130–2145

    Article  Google Scholar 

  4. 4.

    Ghane S, Jolfaei A et al (2020) Preserving privacy in the internet of connected vehicles. IEEE Trans Intell Transp Syst e3952:1-10, Early Access

  5. 5.

    Asuquo P, Cruickshank H, Morley J (2018) Security and privacy in location-based services for vehicular and mobile communications: An overview, challenges, and countermeasures. IEEE Internet Things J 5(6):4778–4802

    Article  Google Scholar 

  6. 6.

    Castiglione A et al (2016) Hierarchical and shared access control. IEEE Trans Inf Forensics Secur 11(4):850–865

    Google Scholar 

  7. 7.

    Alderman J, Farley N, Crampton J (2017) Tree-based cryptographic access control. in: European Symposium on Research in Computer Security, Springer, Cham. https://doi.org/10.1007/978-3-319-66402-6_5

  8. 8.

    Castiglione A, Santis AD, Masucci B (2014) Hierarchical and shared key assignment. In: International Conference on Network-based Information Systems. IEEE: 263-270

  9. 9.

    Crampton J, Farley N, Gutin G et al (2015) Cryptographic enforcement of information flow policies without public information. in: International Conference on Applied Cryptography and Network Security, Springer, Cham. https://doi.org/10.1007/978-3-319-28166-7_19

  10. 10.

    Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. in: 2006 13th ACM Conference on Computer and Communications Security (CCS), ACM: 89-98

  11. 11.

    Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security & Privacy, IEEE: 321-334

  12. 12.

    Ibraimi L, Tang Q et al (2009) Efficient and provable secure ciphertext-policy attribute-based encryption schemes. Information Security Practice and Experience. Springer, Berlin Heidelberg, pp 1–12

    Google Scholar 

  13. 13.

    Zhang L, Gao X, Kang L, Liang P, Mu Y (2021) Distributed ciphertext-policy attribute-based encryption with enhanced collusion resilience and privacy preservation. IEEE Syst J (Early Access). https://doi.org/10.1109/JSYST.2021.3072793

  14. 14.

    Chen N, Li J, Zhang Y, Guo Y (2020) Efficient CP-ABE scheme with shared decryption in cloud storage. IEEE Trans Comput (Early Access). https://doi.org/10.1109/TC.2020.3043950

  15. 15.

    Wang S, Zhou J, Joseph K (2016) An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(6):1265–1277

    Article  Google Scholar 

  16. 16.

    Kim I, Susilo W, Baek J, Kim J (2020) Harnessing policy authenticity for hidden ciphertext policy attribute based encryption. IEEE Trans Dependable Secure Comput (Early Access). https://doi.org/10.1109/TDSC.2020.3040712

  17. 17.

    Li J, Yao W et al (2018) User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage. IEEE Syst J 12(2):1767–1777

    Article  Google Scholar 

  18. 18.

    Teng W, Yang G et al (2017) Attribute-based access control with constant-size ciphertext in cloud computing. IEEE Transactions on Cloud Computing 5(4):617–627

    Article  Google Scholar 

  19. 19.

    Zhou Z, Huang D, Wang Z (2015) Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans Comput 64(1):126–138

    MathSciNet  Article  Google Scholar 

  20. 20.

    Yang Z, Xing Z et al (2019) A verifiable hidden policy CP-ABE with decryption testing scheme and its application in VANET. Trans Emerg Telecommun Technol e3785, Early Access

  21. 21.

    Xiao X, Tao Y et al (2019) Optimal random perturbation at multiple privacy levels. Very Large Data Bases 2(1):814–825

    Google Scholar 

  22. 22.

    Kim JM, Edemacu K, Jang B (2019) MPPDS: Multilevel privacy-preserving data sharing in a collaborative eHealth system. IEEE Access 7:109910–109923

    Article  Google Scholar 

  23. 23.

    Erlingsson Ú, Pihur V, Korolova A (2014) Rappor: Randomized aggregatable privacy-preserving ordinal response. In: 2014 ACM SIGSAC conference on computer and communications security, ACM: 1054-1067

  24. 24.

    Ye Q, Meng X et al (2018) Survey on local differential privacy. Journal of Software 29(7):1981–2005

    MathSciNet  Google Scholar 

  25. 25.

    Wang J, Wang Y, Zhao G et al (2019) Location protection method for mobile crowd sensing based on local differential privacy preference. Peer-to-Peer Networking and Applications 12:1097–1109

    Article  Google Scholar 

  26. 26.

    Song H, Luo T, Li J (2019) Common criterion of privacy metrics and parameters analysis based on error probability for randomized response. IEEE Access 7:16964–16978

    Article  Google Scholar 

  27. 27.

    Song H, Luo T, Wang X, Li J (2020) Multiple sensitive values-oriented personalized privacy preservation based on randomized response. IEEE Trans Inf Forensics Secur 15:2209–2224

    Article  Google Scholar 

  28. 28.

    Huang H, Chen D, Li Y (2021) IM-LDP: Incentive mechanism for mobile crowd-sensing based on local differential privacy. IEEE Commun Lett 25(3):960–964

    Article  Google Scholar 

  29. 29.

    Zhao Y et al (2020) Local differential privacy based federated learning for Internet of things. IEEE Internet Things J. https://doi.org/10.1109/JIOT.2020.3037194

  30. 30.

    Kairouz P, Oh S, Viswanath P (2014) Extremal mechanisms for local differential privacy. In: 2014 28th Conference on Neural Information Processing Systems (NIPS) pp 2879-2887

  31. 31.

    Newman D J, Hettich S, Blake C L, Merz C J (1998) UCI repository of machine learning databases. Dept. Inf. Comput. Sci., Univ. California, Irvine, CA, USA, 1998. [Online]. http://www.ics.uci.edu/mlearn/MLRepository.html

  32. 32.

    Ben L (2013) The java pairing-based cryptography (JPBC) Library. [Online]. http://gas.dia.unisa.it/projects/jpbc/#.XyzzqzMpWTA

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to Tao Luo.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work was supported in part by the National Key Research and Development Program of China under Grant No. 2019YFC1709200 and No. 2019YFC1709202, and the National Science Foundation of China under Grant No. 61571065.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Song, H., Han, X., Lv, J. et al. MPLDS: An integration of CP-ABE and local differential privacy for achieving multiple privacy levels data sharing. Peer-to-Peer Netw. Appl. (2021). https://doi.org/10.1007/s12083-021-01238-8

Download citation

Keywords

  • Privacy preservation
  • Multiple privacy levels
  • Ciphertext-policy attribute-based encryption (CP-ABE)
  • Local privacy differential (LDP)
  • Resisting collusion attacks