Proxy Re-Encryption Based Multi-Factor Access Control for Ciphertext in Cloud

doi:10.1007/s12204-018-1962-5

Abstract

Abstract: Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the information. As an important technology of cloud security, access control should take account of multi-factor and ciphertext to satisfy the complex requirement for cloud data protection. We propose a proxy re-encryption (PRE) based multi-factor access control (PMAC) for cipher text in the above background. The PMAC adapts to the privacy and the protection of data confidently. We explain the motivation and some assumptions of PMAC at first. Then we define system model and algorithm. The system model and algorithm show how to create the data with corresponding accessing policy and how to grant and revoke the permission.

Key words: proxy re-encryption (PRE)| access control| multi-factor| cipher text| cloud computing

摘要： Cloud computing provides a wide platform for information sharing. Users can access data and retrieve service easily and quickly. Generally, the data in cloud are transferred with encrypted form to protect the information. As an important technology of cloud security, access control should take account of multi-factor and ciphertext to satisfy the complex requirement for cloud data protection. We propose a proxy re-encryption (PRE) based multi-factor access control (PMAC) for cipher text in the above background. The PMAC adapts to the privacy and the protection of data confidently. We explain the motivation and some assumptions of PMAC at first. Then we define system model and algorithm. The system model and algorithm show how to create the data with corresponding accessing policy and how to grant and revoke the permission.

关键词: proxy re-encryption (PRE)| access control| multi-factor| cipher text| cloud computing

CLC Number:

TP 393

SU Mang (苏铓), WANG Liangchen (汪良辰), FU Anmin (付安民), YU Yan (俞研). Proxy Re-Encryption Based Multi-Factor Access Control for Ciphertext in Cloud[J]. Journal of Shanghai Jiao Tong University (Science), 2018, 23(5): 666-670.

References 15

[1]	WANG Y D, YANG J H, XU C, et al. Survey on accesscontrol technologies for cloud computing [J]. Journalof Software, 2015, 26(5): 1129-1150 (in Chinese).
[2]	JHA S, SURAL S, VAIDYA J, et al. Security analysisof temporal RBAC under an administrative model [J].Computers & Security, 2014, 46: 154-172.
[3]	YANG L, TANG Z, LI R F, et al. Roles query algorithmin cloud computing environment based on userrequire [J]. Journal of Communications, 2010, 7(32):169-175 (in Chinese).
[4]	LUO J,WANG H J, GONG X, et al. A novel role-basedaccess control model in cloud environments [J]. InternationalJournal of Computational Intelligence Systems,2016, 9(1): 1-9.
[5]	LI J W, SQUICCIARINI A, LIN D, et al. SecLoc:Securing location-sensitive storage in the cloud[C]//Proceedings of the 20th ACM Symposium on AccessControl Models and Technologies. Vienna, Austria:ACM, 2015: 51-61.
[6]	ZHOU L, VARADHARAJAN V, HITCHENS M.Trust enhanced cryptographic role-based access controlfor secure cloud data storage [J]. IEEE Transactionson Information Forensics and Security, 2015,10(11): 2381-2395.
[7]	ZHOU L, VARADHARAJAN V, GOPINATH K. Asecure role-based cloud storage system for encryptedpatient-centric health records [J]. The Computer Journal,2016, 59(11): 1593-1611.
[8]	XU P, JIAO T F, WU Q H, et al. Conditional identitybasedbroadcast proxy re-encryption and its applicationto cloud email [J]. IEEE Transactions on Computers,2016, 65(1): 66-79.
[9]	ZHANG Y H, LI J, CHEN X F, et al. Anonymousattribute based proxy re-encryption for access controlin cloud computing [J]. Security and CommunicationNetworks, 2016, 9(14): 2397-2411.
[10]	LI J G, ZHAO X X, ZHANG Y C, et al. Provably securecertificate-based conditional proxy re-encryption[J]. Journal of Information Science and Engineering,2016, 32(4): 813-830.
[11]	LIU Q, WANG G J, WU J. Time-based proxy reencryptionscheme for secure data sharing in a cloudenvironment [J]. Information Sciences, 2014, 258(3):355-370.
[12]	YANG Y J, LU H B,WENG J, et al. Fine-grained conditionalproxy re-encryption and application [J]. LectureNotes in Computer Science, 2014, 8782: 206-222.
[13]	TANG Q. Type-based proxy re-encryption and its construction[J]. Lecture Notes in Computer Science, 2008,5365: 130-144.
[14]	SU M, SHI G Z, XIE R N, et al. Multi-element basedon proxy re-encryption scheme for mobile cloud computing[J]. Journal of Communications, 2015, 36(11):73-79 (in Chinese).
[15]	SU M, LI F H, SHI G Z, et al. A user-centric datasecure creation scheme in cloud computing [J]. ChineseJournal of Electronics, 2016, 25(4): 753-760.