Ciphertext-Policy Attribute-Based Encryption

@article{Bethencourt2007CiphertextPolicyAE,
  title={Ciphertext-Policy Attribute-Based Encryption},
  author={John Bethencourt and Amit Sahai and Brent Waters},
  journal={2007 IEEE Symposium on Security and Privacy (SP '07)},
  year={2007},
  pages={321-334}
}
In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call ciphertext-policy… Expand
Implementing secure data access control for multi-authority cloud storage system using Ciphertext Policy-Attribute based encryption
  • S. V. Lekshmi, M. Revathi
  • Computer Science
  • International Conference on Information Communication and Embedded Systems (ICICES2014)
  • 2014
TLDR
The proposed solution enables the multi-authority to revoke user attributes with minimal effort by uniquely integrating the technique of proxy re-encryption with CP-ABE, and enable the authority to delegate most of laborious tasks to proxy servers. Expand
An encryption scheme for a secure policy updating
TLDR
A new variant of the CP-ABE scheme called ciphertext policy attribute based proxy re-encryption (CP-ABPRE) is presented, which allows to update the access control policy of the encrypted data without decrypting the ciphertext. Expand
Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption
TLDR
A scheme allows a storage server to update stored ciphertexts to disqualify revoked users from accessing data that was encrypted before the user's access was revoked while key update broadcasts can dynamically revoke selected users. Expand
Fully secure revocable attribute-based encryption
TLDR
This paper presents an ABE scheme that supports revocation and has full security in adaptive model and adapts the dual system encryption technique recently introduced by Waters to ABE to realize full security. Expand
A Secured and Efficient way for Data Access using Hierarchy-Attribute based Architecture on Cloud
61 Abstract— To solve the challenging problem of data sharing in cloud computing, Cipher text-policy attribute-based encryption (CP-ABE) has been a preferred encryption technology. The shared dataExpand
Enforcing Hidden Access Policy for Supporting Write Access in Cloud Storage Systems
TLDR
This paper introduces randomized hash-based public attribute key validation to cryptographically protect the content of access policy and dynamically enforce hidden policies to collaborative users and proposes a write access enforcement mechanism based the proxy re-encryption method to enable optimized and secure file re- Encryption. Expand
A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing
TLDR
The scheme is proved adaptively chosen ciphertext secure by leveraging dual system encryption technology and selective proof technique and it is proven adaptively CCA secure in the standard model without jeopardizing the expressiveness of access policy. Expand
Attribute based data sharing with attribute revocation
TLDR
This paper uniquely integrates the technique of proxy re-encryption with CP-ABE, and enables the authority to delegate most of laborious tasks to proxy servers, and shows that the proposed scheme is provably secure against chosen ciphertext attacks. Expand
Bounded Ciphertext Policy Attribute Based Encryption
TLDR
This work presents the first construction of a ciphertext-policy attribute based encryption scheme having a security proof based on a number theoretic assumption and supporting advanced access structures and support access structures which can be represented by a bounded size access tree with threshold gates as its nodes. Expand
An Efficient Approach for Data Outsourcing using Attribute based Encryption
A distributed system is a collection of autonomous computers linked by a computer network that appear to the users of the system as a single computer. In a large distributed system, security isExpand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 37 REFERENCES
Attribute-based encryption for fine-grained access control of encrypted data
TLDR
This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption. Expand
Multi-authority Attribute Based Encryption
TLDR
The question of whether a scheme could be constructed in which multiple authorities were allowed to distribute attributes is answered in the affirmative and how to apply the techniques to achieve a multiauthority version of the large universe fine grained access control ABE is shown. Expand
Secure attribute-based systems
TLDR
A novel secure information management architecture based on emerging attribute-based encryption (ABE) primitives is introduced and a policy system that meets the needs of complex policies is defined and illustrated and cryptographic optimizations that vastly improve enforcement efficiency are proposed. Expand
Hierarchical Identity Based Encryption with Constant Size Ciphertext
TLDR
A Hierarchical Identity Based Encryption system where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations, regardless of the hierarchy depth, which is proved to be as efficient as in other HIBE systems. Expand
Attribute-Based Publishing with Hidden Credentials and Hidden Policies
TLDR
A system called PEAPOD (PrivacyEnhanced Attribute-based Publishing Of Data) that provides the following properties: users can securely publish data protected by attribute-based policies to multiple possible recipients without requiring interaction between senders and receivers. Expand
Attribute-based encryption with non-monotonic access structures
TLDR
An Attribute-Based Encryption scheme that allows a user's private key to be expressed in terms of any access formula over attributes based on the Decisional Bilinear Diffie-Hellman (BDH) assumption is constructed. Expand
Fuzzy Identity-Based Encryption
TLDR
Two constructions of Fuzzy IBE schemes can be viewed as an Identity-Based Encryption of a message under several attributes that compose a (fuzzy) identity and are both error-tolerant and secure against collusion attacks. Expand
Identity-Based Cryptosystems and Signature Schemes
TLDR
A novel type of cryptographic scheme, which enables any pair of users to communicate securely and to verify each other’s signatures without exchanging private or public keys, without keeping key directories, and without using the services of a third party. Expand
Chosen-Ciphertext Security from Identity-Based Encryption
TLDR
This work proposes a simple and efficient construction of a CCA-secure public-key encryption scheme from any CPA-secure identity-based encryption (IBE) scheme, which avoids non-interactive proofs of “well-formedness” which were shown to underlie most previous constructions. Expand
Automated trust negotiation using cryptographic credentials
TLDR
A policy language is introduced that enables negotiators to specify authorization requirements that must be met by an opponent to receive various amounts of information about certified attributes and the credentials that contain it, and supports the use of uncertified attributes. Expand
...
1
2
3
4
...