scholarly journals A Collusion-Resistant Blockchain-Enabled Data Sharing Scheme with Decryption Outsourcing under Time Restriction

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Xieyang Shen ◽  
Chuanhe Huang ◽  
Xiajiong Shen ◽  
Jiaoli Shi ◽  
Danxin Wang
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Time Slot ◽  
Security Analysis ◽  
Collusion Resistance ◽  
Time Restrictions ◽  
Control Scheme ◽  
And Performance ◽  
Ciphertext Policy ◽  
Time Restriction

With the ever-increasing demands on decentralization and transparency of cloud storage, CP-ABE (Ciphertext Policy-Attribute-Based Encryption) has become a promising technology for blockchain-enabled data sharing methods due to its flexibility. However, real-world blockchain applications usually have some special requirements like time restrictions or power limitations. Thus, decryption outsourcing is widely used in data sharing scenarios and also causes concerns about data security. In this paper, we proposed a secure access control scheme based on CP-ABE, which could share contents during a particular time slot in blockchain-enabled data sharing systems. Specifically, we bind the time period with both ciphertexts and the keys to archive the goal of only users who have the required attributes in a particular time slot can decrypt the content. Besides, we use time slots as a token to protect the data and access control scheme when users want to outsource the decryption phase. The security analysis shows that our scheme can provide collusion resistance ability under a time restriction, and performance evaluations indicate that our scheme uses less time in decryption compared to other schemes while ensuring security.

Efficient Attribute-Based Data Sharing Scheme with Hidden Access Structures

2019 ◽  
Vol 62 (12) ◽  
pp. 1748-1760 ◽  
Author(s):  
Yang Chen ◽  
Wenmin Li ◽  
Fei Gao ◽  
Wei Yin ◽  
Kaitai Liang ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Inner Product ◽  
Access Structure ◽  
Online Data ◽  
Fine Grained ◽  
Access Structures ◽  
Attribute Based Encryption ◽  
And Performance ◽  
Ciphertext Policy

AbstractOnline data sharing has become a research hotspot while cloud computing is getting more and more popular. As a promising encryption technique to guarantee the security shared data and to realize flexible fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has drawn wide attentions. However, there is a drawback preventing CP-ABE from being applied to cloud applications. In CP-ABE, the access structure is included in the ciphertext, and it may disclose user’s privacy. In this paper, we find a more efficient method to connect ABE with inner product encryption and adopt several techniques to ensure the expressiveness of access structure, the efficiency and security of our scheme. We are the first to present a secure, efficient fine-grained access control scheme with hidden access structure, the access structure can be expressed as AND-gates on multi-valued attributes with wildcard. We conceal the entire attribute instead of only its values in the access structure. Besides, our scheme has obvious advantages in efficiency compared with related schemes. Our scheme can make data sharing secure and efficient, which can be verified from the analysis of security and performance.

TrustAccess: A Trustworthy Secure Ciphertext-Policy and Attribute Hiding Access Control Scheme Based on Blockchain

2020 ◽  
Vol 69 (6) ◽  
pp. 5784-5798 ◽  
Author(s):  
Sheng Gao ◽  
Guirong Piao ◽  
Jianming Zhu ◽  
Xindi Ma ◽  
Jianfeng Ma
Keyword(s):  
Access Control ◽  
Control Scheme ◽  
Ciphertext Policy

scholarly journals Secure Data Access Control with Cipher Text Update and Computation Outsourcing in Fog Computing for Internet of Things

2021 ◽  
Vol 12 (2) ◽  
pp. 1592-1597
Author(s):  
Shaik Jaffer Vali , Et. al.
Keyword(s):  
Access Control ◽  
Fog Computing ◽  
Information Access ◽  
Security Analysis ◽  
Data Access ◽  
The Novel ◽  
Fine Grained ◽  
Cipher Text ◽  
Data Access Control ◽  
Ciphertext Policy

Fog Computing is a region of Computer Science that is under steady construction and development, and related to data security, the worldview turns out to be more solid and secure for IoT's edge stages. The verification of limited memory devices has serious issues since memory utilization is high when applied with different models that have the motivation behind shared confirmation. In this paper, we propose the Novel cipher text-based encryption model (NCEM) which has an information access control plot dependent on Ciphertext-Policy it give information privacy, fine-grained control, and mysterious validation in a multi-authority fog computing framework. The sign cryption and plan cryption overhead for the client is altogether diminished by redistributing the bothersome calculation tasks to fog hubs. The proposed conspire is demonstrated to be secure in the standard model and can give trait repudiation and public unquestionable status. The security analysis, asymptotic multifaceted nature examination, and implementation results demonstrate that our construction can offset the security objectives with useful effectiveness in calculation.

scholarly journals ECC-Based Lightweight Authentication And Access Control Scheme For IoT E-Healthcare

2021 ◽  
Author(s):  
Hailong Yao ◽  
Qiao Yan ◽  
Xingbing Fu ◽  
Zhibin Zhang ◽  
Caihui Lan
Keyword(s):  
Access Control ◽  
Healthcare System ◽  
Secure Communication ◽  
Wireless Body Area Network ◽  
Security Analysis ◽  
Communication Overhead ◽  
Single Server ◽  
Area Network ◽  
Control Scheme ◽  
Multi Server

Abstract The E-healthcare system has a complex architecture, diverse business types, and sensitive data security. To meet the secure communication and access control requirements in the user-medical server, user-patient, patient-medical server and other scenarios in the E-healthcare system, secure and efficient authenticated key agreement and access authorization scheme need to be studied. However, the existing multi-server solutions do not consider the authentication requirements of the Wireless Body Area Network(WBAN), and are not suitable for user-patient, patient-medical server scenarios; most of the existing WBAN authentication scheme are single-server type, which are difficult to meet the requirements of multi-server applications; the study of user-patient real-time scenarios has not received due attention. This work first reveals the structural flaws and security vulnerabilities of the existing typical schemes, and then proposes an authentication and access control architecture suitable for multiple scenarios of the E-healthcare system with separate management and business, and designs a novel ECC-based multi-factor remote authentication and access control scheme for E-healthcare using physically uncloneable function (PUF) and hash. Security analysis and efficiency analysis show that the new scheme has achieved improved functionality and higher security while maintaining low computational and communication overhead.

scholarly journals Security and Performance of Single Sign-on Based on One-Time Pad Algorithm

Cryptography ◽  
2020 ◽  
Vol 4 (2) ◽  
pp. 16
Author(s):  
Maki Kihara ◽  
Satoshi Iriyama
Keyword(s):  
Access Control ◽  
Personal Information ◽  
Security Analysis ◽  
Free Access ◽  
Multiple Systems ◽  
Single Sign On ◽  
Man In The Middle ◽  
Execution Speed ◽  
And Performance ◽  
The One

Single sign-on (SSO) techniques allow access control for multiple systems with a single login. The aim of our study is to construct an authentication algorithm that provides the authentication information of a user to a requester without requiring any specific token, thereby achieving domain-free access control. In this study, we propose an authentication algorithm for SSO based on a verifiable encryption (VE)-based authentication algorithm and implementation. VE is a kind of cryptosystem that allows calculation on cyphertexts, generating an encrypted result, which matches the distance between two plaintexts when decrypting. In our approach, we first construct the mathematical SSO algorithm based on the VE-based algorithm, and then implement the algorithm by applying the one-time pad to the algorithm and using sample data. We also consider robustness against theoretical attacks such as man-in-the-middle attack. In addition to that, our algorithm is robust against the well-known classical and theoretical attacks, the man-in-the-middle attack against the proposed algorithm is also impracticable. Furthermore, with security analysis using Proverif, the algorithm has been shown to be secure. The execution speed is less than 1 ms even with a text length of 8192 bits. Based on our results, it is evident that the computational burden of trusted third parties, such as a certificate authority, can be alleviated because the public key agreement is not required in our algorithm. Moreover, since only the authentication information is disclosed to the service provider, big tech such as GAFA cannot obtain personal information of the user without consent. As for the originality of our algorithm, any personal information, such as biometric information and non-contact magnetic IC cards in addition to the pair of ID and password, which is used for common SSO algorithms, is available.

scholarly journals Efficient Hierarchical and Time-Sensitive Data Sharing with User Revocation in Mobile Crowdsensing

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Jiawei Zhang ◽  
Jianfeng Ma ◽  
Teng Li ◽  
Qi Jiang
Keyword(s):  
Data Sharing ◽  
High Efficiency ◽  
Data Access ◽  
Sensitive Data ◽  
Mobile Crowdsensing ◽  
Data Access Control ◽  
Sharing Scheme ◽  
User Revocation ◽  
And Performance ◽  
Ciphertext Policy

Recently, cloud-based mobile crowdsensing (MCS) has developed into a promising paradigm which can provide convenient data sensing, collection, storage, and sharing services for resource-constrained terminates. Nevertheless, it also inflicts many security concerns such as illegal access toward user secret and privacy. To protect shared data against unauthorized accesses, many studies on Ciphertext-Policy Attribute-Based Encryption (CP-ABE) have been proposed to achieve data sharing granularity. However, providing a scalable and time-sensitive data-sharing scheme across hierarchical users with compound attribute sets and revocability remains a big issue. In this paper, we investigate this challenge and propose a hierarchical and time-sensitive CP-ABE scheme, named HTR-DAC, which is characteristics of time-sensitive data access control with scalability, revocability, and high efficiency. Particularly, we propose a time-sensitive CP-ABE for hierarchical structured users with recursive attribute sets. Moreover, we design a robust revocable mechanism to achieve direct user revocation in our scheme. We also integrate verifiable outsourced decryption to improve efficiency and guarantee correctness in decryption procedure. Extensive security and performance analysis is presented to demonstrate the security requirement satisfaction and high efficiency for our data-sharing scheme in MCS.

Sign in / Sign up

Export Citation Format

Share Document