Skip to main content
SpringerLink
Log in
Book cover

Chinese Conference on Trusted Computing and Information Security

CTCIS 2018: Trusted Computing and Information Security pp 360–371Cite as

A Cloud Storage Data Access Control Scheme Based on Attribute-Sets Encryption

  • Conference paper
  • First Online:

  • 543 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 960))

Abstract

In order to solve the data security problem in cloud storage system, an access control scheme which supports for a finer attribute expression for cloud storage data based on CP-ASBE (Ciphertext-Policy Attribute-Sets Based Encryption) is proposed in this paper, which can solve the problem of attribute confusion based on attribute encryption algorithm. A multi-authorization center is used to address single-point security issues. The digest of plaintext is used to encrypt the plaintext, and then the CP-ASBE encryption key is used to improve the efficiency and save the storage space of the cloud storage. In terms of attribute revocation, access control lists are used to handle coarse-grained privilege revocation. For fine-grained attribute revocation, proxy re-encryption is used and the complex calculations are delegated to the computationally powerful DataNode node. The confidentiality, integrity, non-repudiation, availability and security of the scheme are analyzed and proved. The results show that the cloud storage data access control scheme based on CP-ASBE can effectively improve the security of user data in HDFS (Hadoop Distributed File System) cloud storage system.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Wang, Y.Z., Ji, X.L., Cheng, X.Q.: Network big data: present and future. Chin. J. Comput. 36(6), 1125–1138 (2013)

    Article  Google Scholar 

  2. Liu, Z.H., Zhang, Q.: Research overview of big data technology. J. Zhejiang Univ. (Eng. Sci.) 48(6), 957–972 (2014)

    MATH  Google Scholar 

  3. Li, X.L., Gong, H.G.: A survey on big data systems. Sci. Sinica Informationis 45(1), 1–44 (2015)

    MathSciNet  Google Scholar 

  4. Xia, J.B., Wei, Z.K., Fu, K.: Review of research and application on Hadoop in cloud computing. Comput. Sci. 43(11), 6–11 (2016)

    Google Scholar 

  5. Li, H., Zhang, M., Feng, D.-G., Hui, Z.: Research on access control of big data. Chin. J. Comput. 1, 72–91 (2017)

    MathSciNet  Google Scholar 

  6. Ijaz, I., Aslam, A., Bukhari, B., et al.: Securing cloud infrastructure through PKI. In: International Conference on Computing, Communication and Networking Technologies, pp. 1–6. IEEE (2014)

    Google Scholar 

  7. Ma, Y.: Study of security mechanism based on Hadoop. Inf. Secur. Commun. Priv. 6, 95–98 (2012)

    Google Scholar 

  8. Yin, X.C., Liu, Z.G., Lee, H.J.: An efficient and secured data storage scheme in cloud computing using ECC-based PKI. In: International Conference on Advanced Communication Technology, pp. 523–527 IEEE (2014)

    Google Scholar 

  9. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_5

    Chapter  Google Scholar 

  10. Boneh, D., Franklin, M.: Identity based encryption from the weil pairing. SIAM J. Comput. 32(3), 213–229 (2001)

    MathSciNet  MATH  Google Scholar 

  11. Liu, D., Fan, Y.: Design and implementation on cloud document secure storage management system based on IBE mechanism. Netinfo Secur. 12, 1–7 (2016)

    Google Scholar 

  12. Liu, Z.: Research and implementation on cloud computing security based on HDFS. Comput. Model. New Technol. 17(5B), 41–45 (2013)

    Google Scholar 

  13. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  14. Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_28

    Chapter  Google Scholar 

  15. Ruj, S., Nayak, A., Stojmenovic, I.: DACC: distributed access control in clouds. In: IEEE, International Conference on Trust, Security and Privacy in Computing and Communications, pp. 91–98. IEEE (2011)

    Google Scholar 

  16. Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: ACM Conference on Computer and Communications Security, pp. 121–130. ACM (2009)

    Google Scholar 

  17. Kim, S.H., Lee, I.Y.: Study on user authority management for safe data protection in cloud computing environments. Symmetry 7(1), 269–283 (2015)

    Article  Google Scholar 

  18. Müller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute-based encryption. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 20–36. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00730-9_2

    Chapter  Google Scholar 

  19. Bobba, R., Khurana, H., Prabhakaran, M.: Attribute-sets: a practically motivated enhancement to attribute-based encryption. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 587–604. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04444-1_36

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Software, East China Jiaotong University, Nanchang, 330000, Jiangxi, China

    Lihua Zhang, Qi Yi & Fan Lan

  2. School of Electrical and Automation Engineering, East China Jiaotong University, Nanchang, 330013, Jiangxi, China

    Panpan Jiang & Tengfei Jiang

Authors
  1. Lihua Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Panpan Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qi Yi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Fan Lan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Tengfei Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Lihua Zhang .

Editor information

Editors and Affiliations

  1. School of Cyber Science and Engineering, Wuhan University, Wuhan, China

    Huanguo Zhang

  2. School of Cyber Science and Engineering, Wuhan University, Wuhan, China

    Bo Zhao

  3. School of Cyber Science and Engineering, Wuhan University, Wuhan, China

    Fei Yan

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Zhang, L., Jiang, P., Yi, Q., Lan, F., Jiang, T. (2019). A Cloud Storage Data Access Control Scheme Based on Attribute-Sets Encryption. In: Zhang, H., Zhao, B., Yan, F. (eds) Trusted Computing and Information Security. CTCIS 2018. Communications in Computer and Information Science, vol 960. Springer, Singapore. https://doi.org/10.1007/978-981-13-5913-2_22

Download citation

  • DOI: https://doi.org/10.1007/978-981-13-5913-2_22

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-5912-5

  • Online ISBN: 978-981-13-5913-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation