Towards Time-Bound Hierarchical Key Management in Cloud Computing

  • Tsu-Yang Wu
  • Chengxiang Zhou
  • Eric Ke Wang
  • Jeng-Shyang Pan
  • Chien-Ming Chen
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 297)

Abstract

Data outsourcing in the cloud is now widely used, but it also raises several security problems. Controlling access to outsourced data with different priorities has become an important research issue. Recently, Chen et al. proposed the first hierarchical access control scheme in cloud computing. However, they did not address the time-bound property. In some applications such as Pay-TV, the time-bound property is necessary because a subscriber may subscribe to some channels during one month. In this paper, we propose the first time-bound hierarchical key management scheme in cloud computing without tamper-resistant devices. The security analysis demonstrates that the proposed scheme is provably secure against outsider and insider attacks.

Keywords

Time-bound, hierarchical key management, cloud computing, bilinear pairing, security

References

  1. Tang, Y., Lee, P., Lui, J., Perlman, R.: Secure overlay cloud storage with access control and assured deletion. IEEE Transactions on Dependable and Secure Computing 9(6), 903–916 (2012)
  2. Jung, T., Li, X.Y., Wan, Z., Wan, M.: Privacy preserving cloud data access with multi-authorities. In: IEEE INFOCOM, pp. 2625–2633. IEEE Press, New York (2013)
  3. Chu, C.K., Chow, S.S.M., Tzeng, W.G., Zhou, J., Deng, R.H.: Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Transactions on Parallel and Distributed Systems 25(2), 468–477 (2014)
  4. Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer Systems 1(3), 239–248 (1983)
  5. Jiang, T., Zheng, S., Liu, B.: Key distribution based on hierarchical access control for conditional access system in DTV broadcast. IEEE Transactions on Consumer Electronics 50(1), 225–230 (2004)
  6. Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and efficient key management for access hierarchies. In: 12th ACM Conference on Computer and Communications Security, pp. 190–201. ACM Press, New York (2005)
  7. Kayem, A.V.D.M., Martin, P., Akl, S.G.: Heuristics for improving cryptographic key assignment in a hierarchy. In: 21st International Conference on Advanced Information Networking and Applications Workshops, pp. 531–536. IEEE Press, New York (2007)
  8. Tzeng, W.G.: A time-bound cryptographic key assignment scheme for access control in hierarchy. IEEE Transactions on Knowledge and Data Engineering 14(1), 182–188 (2002)
  9. Yi, X., Ye, Y.: Security of Tzeng’s time-bound key assignment scheme access control in a hierarchy. IEEE Transactions on Knowledge and Data Engineering 15(4), 1054–1055 (2003)
  10. Chien, H.Y.: Efficient time-bound hierarchical key assignment scheme. IEEE Transactions on Knowledge and Data Engineering 16(10), 1301–1304 (2004)
  11. Yi, X.: Security of Chien’s efficient time-bound hierarchical key assignment scheme. IEEE Transactions on Knowledge and Data Engineering 17(9), 1298–1299 (2005)
  12. Yeh, J.H.: An RSA-based time-bound hierarchical key assignment scheme for electronic article subscription. In: 14th ACM International Conference on Information and Knowledge Management, pp. 285–286. ACM Press, New York (2005)
  13. Wang, S.Y., Lih, C.S.: Merging: an efficient solution for a time-bound hierarchical key assignment scheme. IEEE Transactions on Dependable and Secure Computing 3(1), 91–100 (2006)
  14. Ateniese, G., Santis, A.D., Ferrara, A.L., Masucci, B.: Provably-secure time-bound hierarchical key assignment schemes. In: 13th ACM Conference on Computer and Communications Security, pp. 288–297. ACM Press, New York (2006)
  15. Sui, Y., Maino, F., Guo, Y., Wang, K., Zou, X.: An efficient time-bound access control scheme for dynamic access hierarchy. In: 5th International Conference on Mobile Ad-hoc and Sensor Networks, pp. 279–286. IEEE Press, New York (2009)
  16. Chen, C.M., Wu, T.Y., He, B.Z., Sun, H.M.: An efficient time-bound hierarchical key management scheme without tamper-resistant devices. In: 1st International Conference on Computing, Measurement, Control and Sensor Network, pp. 285–288. IEEE Press, New York (2012)
  17. Tseng, Y.M., Yu, C.H., Wu, T.Y.: Towards scalable key management for secure multicast communication. Information Technology and Control 41(2), 173–182 (2012)
  18. Chen, Y.-R., Chu, C.-K., Tzeng, W.-G., Zhou, J.: CloudHKA: a cryptography approach for hierarchical access control in cloud computing. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 37–52. Springer, Heidelberg (2013)
  19. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  20. Chen, L., Cheng, Z., Smart, N.P.: Identity-based key agreement protocols from pairings. International Journal of Information Security 6(4), 213–241 (2007)
  21. Wu, T.Y., Tseng, Y.M.: An ID-based mutual authentication and key exchange protocol for low-power mobile devices. The Computer Journal 53(7), 1062–1070 (2010)
  22. Sandhu, R.S., Samarati, P.: Access control: principle and practice. IEEE Communications Magazine 32(9), 40–48 (1994)
  23. Rivest, R.L.: All-or-nothing encryption and the package transform. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 210–218. Springer, Heidelberg (1997)

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Tsu-Yang Wu (1, 2)
  • Chengxiang Zhou (1)
  • Eric Ke Wang (1, 2)
  • Jeng-Shyang Pan (1, 2)
  • Chien-Ming Chen (1, 2)

  1. Shenzhen Graduate School, Harbin Institute of Technology, Shenzhen, China
  2. Shenzhen Key Laboratory of Internet Information Collaboration, Shenzhen, China
