CloudHKA: A cryptographic approach for hierarchical access control in cloud computing

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7954 LNCS, Issue , 2013, Pages 37-52

  Chen, Yi Ruei ^a   Chu, Cheng Kang ^b   Tzeng, Wen Guey ^a   Zhou, Jianying ^b  

^a NATIONAL CHIAO TUNG UNIVERSITY   (Taiwan)

^b INSTITUTE FOR INFOCOMM RESEARCH   (Singapore)

Author keywords

Access control; Bell LaPadula security model; cloud computing; hierarchical key assignment; key management; outsourced data; proxy re encryption

Indexed keywords

HIERARCHICAL KEY ASSIGNMENT; KEY MANAGEMENT; OUTSOURCED DATUM; PROXY RE ENCRYPTIONS; SECURITY MODEL;

BELLS; CLOUD COMPUTING; DISTRIBUTED DATABASE SYSTEMS; MOBILE DEVICES; NETWORK SECURITY; PUBLIC KEY CRYPTOGRAPHY; WEB SERVICES;

ACCESS CONTROL;

EID: 84879857216     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-38980-1_3     Document Type: Conference Paper

References (31)

1. Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer Systems 1(3), 239-248 (1983)
2. Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and efficient key management for access hierarchies. ACM Transactions on Information and System Security 12(3) (2009)
3. Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 190-202 (2005)
4. Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security 9(1), 1-30 (2006)
5. Bell, D.E., Lapadula, L.J.: Secure computer systems: Unified exposition and multics interpretation. Technical Report MTR-2997, Mitre Corporation, Bedford, Massachusetts (1976)
6. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P), pp. 321-334 (2007)
7. Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127-144. Springer, Heidelberg (1998) (Pubitemid 128081481)
8. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM Conference on Computer and Communications Security (CCS), pp. 417-426 (2008)
9. Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of ACM Conference on Computer and Communications Security (CCS), pp. 185-194 (2007)
10. Chen, Y.-R., Chu, C.-K., Tzeng, W.-G., Zhou, J.: Cloudhka: A cryptographic approach for hierarchical access control in cloud computing. Cryptology ePrint Archive, Report 2013/208 (2013), http://eprint.iacr.org/
11. Chen, Y.-R., Tygar, J.D., Tzeng, W.-G.: Secure group key management using unidirectional proxy re-encryption schemes. In: Proceedings of the IEEE International Conference on Computer Communications (INFOCOM), pp. 1952-1960 (2011)
12. Chou, K.-Y., Chen, Y.-R., Tzeng, W.-G.: An efficient and secure group key management scheme supporting frequent key updates on pay-tv systems. In: Proceedings of the IEEE Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 1-8 (2011)
13. Crampton, J., Martin, K.M., Wild, P.R.: On key assignment for hierarchical access control. In: Proceedings of the IEEE Computer Security Foundations Workshop (CSFW), pp. 98-111 (2006)
14. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), pp. 89-98 (2006)
15. Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288-306. Springer, Heidelberg (2007)
16. Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of abe ciphertexts. In: Proceedings of the USENIX Security Symposium (2011)
17. Harn, L., Lin, H.-Y.: A cryptographic key generation scheme for multilevel data security. Computers & Security 9(6), 539-546 (1990)
18. Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Transactions on Parallel and Distributed Systems 22(7), 1214-1221 (2011)
19. Luo, S., Shen, Q., Chen, Z.: Fully secure unidirectional identity-based proxy reencryption. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 109-126. Springer, Heidelberg (2012)
20. MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transactions on Computers 34(9), 797-802 (1985)
21. Ray, I., Ray, I., Narasimhamurthi, N.: A cryptographic solution to implement access control in a hierarchy and more. In: ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 65-73 (2002)
22. Rivest, R.L.: All-or-nothing encryption and the package transform. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 210-218. Springer, Heidelberg (1997)
23. Sahai, A., Seyalioglu, H., Waters, B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R. (ed.) CRYPTO 2012. LNCS, vol. 7417, pp. 199-217. Springer, Heidelberg (2012)
24. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457-473. Springer, Heidelberg (2005)
25. De Santis, A., Ferrara, A.L., Masucci, B.: Efficient provably-secure hierarchical key assignment schemes. Theoretical Computer Science 412(41), 5684-5699 (2011)
26. Shao, J., Liu, P., Cao, Z., Wei, G.: Multi-use unidirectional proxy re-encryption. In: Proceedings of IEEE International Conference on Communications (ICC), pp. 1-5 (2011)
27. Tzeng, W.-G.: A time-bound cryptographic key assignment scheme for access control in a hierarchy. IEEE Transactions on Knowledge and Data Engineering (TKDE) 14(1), 182-188 (2002)
28. Wang, H., Cao, Z., Wang, L.: Multi-use and unidirectional identity-based proxy re-encryption schemes. Information Sciences 180(20), 4042-4059 (2010)
29. Wong, C.K., Gouda, M.G., Lam, S.S.: Secure group communications using key graphs. IEEE/ACM Transactions on Network 8(1), 16-30 (2000)
30. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the IEEE International Conference on Computer Communications (INFOCOM), pp. 534-542 (2010)
31. Zhong, S.: A practical key management scheme for access control in a user hierarchy. Computers & Security 21(8), 750-759 (2002)