Fine-grained document sharing using attribute-based encryption in cloud servers
Hierarchical cryptographic key management of access control can be modeled as a partially ordered set in which a high security class can derive its descendant encryption keys, but not vice versa. In this paper, we propose a practical key management scheme for our segment-based document which is a novel XML-based document format for web publishing, called CEBX. The proposed scheme is not only efficient on key generation and key derivation, but also secure against collusion attack, reverse attack and key modification attack. Excellent dynamics are also supported in our scheme and updates of nodes or edges are locally affected in the hierarchy. Nodes of the hierarchy can define passwords to protect the segments of CEBX document, supporting more flexible business strategies in a digital rights management system.