User Key Revocation Method for Multi-cloud Service Providers

Li Shuan-bao; Wang Xue-rui; Fu Jian-ming; Zhang Huan-guo

doi:10.11999/JEIT150205

Volume 37 Issue 9

Sep. 2015

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2015 > 37(9): 2225-2231

Li Shuan-bao, Wang Xue-rui, Fu Jian-ming, Zhang Huan-guo. User Key Revocation Method for Multi-cloud Service Providers[J]. Journal of Electronics & Information Technology, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205

Citation:

Li Shuan-bao, Wang Xue-rui, Fu Jian-ming, Zhang Huan-guo. User Key Revocation Method for Multi-cloud Service Providers[J]. Journal of Electronics & Information Technology, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205

Citation:

PDF( 337 KB)

User Key Revocation Method for Multi-cloud Service Providers

doi: 10.11999/JEIT150205

Received Date: 2015-02-03
Rev Recd Date: 2015-05-18
Publish Date: 2015-09-19

Abstract

Abstract

Key information leakage is one of the most serious problems in Intercloud service, to solve this problem, a scheme of user key revocation on attribute-based ring signatures is proposed. Focused on user ciphertext access in Intercloud, the mechanism of ciphertext matrixes mapping without attribute leakage is discussed, multi-authority can extend attribute sets for generation key, then full user attributes can not be acquired by Cloud Service Providers (CSP), thus overhead on attribute storage is reduced. In addition, user signature verification revocation based on revocable ring and monotone span programs is designed, which constitutes ring of CSPs, authorities and users. Receiving CSP can define ciphertext access structure, users can access ciphertext through source CSP verifying, and authorities can remove decryption key from attribute-lost users without affecting any other users. The mechanism of collusion resistance with integrating attributes on the basis of Ciphertext-Policy Attribute Base Encryption (CP-ABE) and monotone span programs is discussed, with which user attribute confidentiality can be protected from leakage. Finally, to prove the effectiviness of the proposed model, the performance analysis of communication cost and computational efficiency are verified.
- Cloud computing,
- Ring signature,
- Access structure,
- Verify,
- Collusion

FullText(HTML)

References(24)

References

Buyya R, Ranjan R, and Calheiros N R. InterCloud: utility- oriented federation of cloud computing environments for scaling of application services[C]. Proceedings of Algorithms and Architectures for Parallel Processing, Berlin, 2010: 13-31.

李拴保, 傅建明, 张焕国. 环境下基于环签密的用户身份属性保护方案[J]. 通信学报，2014, 35(9): 99-111.

Li Shuan-bao, Fu Jian-ming, and Zhang Huan-guo. Scheme on user identity attribute preserving based on ring signcryption for cloud computing[J]. Journal on Communications, 2014, 35(9): 99-111.

冯登国, 张敏, 杨妍妍. 云计算安全研究[J]. 软件学报, 2011, 22(1): 71-83.

Feng Deng-guo, Zhang Min, and Yang Yan-yan. Study on cloud computing security[J]. Journal of Software, 2011, 22(1): 71-83.

Liu D Y W, Liu J K, and Mu Y. Revocable ring signature[J]. Journal of Computer Science and Technology, 2007, 12(6): 785-794.

Chuang I-hsun and Li Syuan-hao. An effective privacy protection scheme for cloud computing[C]. Proceedings of Advanced Communication Technology, Gangwon-Do, 2011: 260-265.

Wang Guo-jun and Liu Qin. Hierarchical attribute-based encryption for fine-grained access control in cloud storage services[C]. Proceedings of Computer and Communications Security, Pairs, 2010: 735-737.

Sherman S M C and He Yi-jun. Simple privacy-preserving identity-management for cloud environment[C]. Proceedings of Applied Cryptography and Network Necurity, Berlin, 2012: 526-543.

Mao Shao-wu and Zhang Huan-guo. A resistant quantum key exchange protocol and its corresponding encryption scheme [J]. China Communications, 2014, 11(9): 12-23.

张倩颖, 冯登国, 赵世军. 基于可信芯片的平台身份证明方案研究[J]. 通信学报，2014, 35(8): 95-106.

Zhang Qian-ying, Feng Deng-guo, and Zhao Shi-jun. Research of platform identity attestation based on trusted chip[J]. Journal on Communications, 2014, 35(8): 95-106.

冯登国, 张敏, 李昊. 大数据隐私与安全保护[J]. 计算机学报, 2014, 37(1): 246-258.

Feng Den-guo, Zhang Min, and Li Hao. Big data privacy and security protection[J]. Journal of Computer, 2014, 37(1): 246-258.

Yu Shu-cheng and Wang Cong. Achieving secure, scalable, and fine-grained data access control in cloud computing[C]. Proceedings of Computer Communications, Pairs, 2010b: 15-19.

Yu Shu-cheng and Wang Cong. Attribute based data sharing with attribute revocation[C]. Proceedings of Information, Computer and Communications Security, Pairs, 2010a: 261-270.

Wang Guo-jun and Liu Qin. Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers[J]. Computers Security, 2011, 30(3): 320-331.

Wei Li-fei and Zhu Hao-jin. Security and privacy for storage and computation in cloud computing[J]. Information Sciences, 2014, 258: 371-386.

Adeela W and Asad R. A framework for preservation of cloud users data privacy using dynamic reconstruction of metadata [J]. Journal of Network and Computer Applications, 2013, 36(2): 235-248.

Dan B and Matt F. Identity-based encryption from the weil pairing[C]. Proceedings of Cryptology, Berlin, 2001: 213-229.

Zhang Yan, Feng Deng-guo, and Zhang Zheng-feng. On the security of an efficient attribute-based signature[C]. Proceedings of Network and System Security, Berlin, 2013: 381-392.

Lewko A and Waters B. Decentralizing attribute-based encryption[C]. Proceedings of EUROCRYPT, Paterson, 2011: 568-588.

Bethencourt J, Sahai A, and Waters B. Ciphertext-policy attribute-based encryption[C]. Proceedings of the IEEE Security and Privacy, Paris, 2007: 321-334.

Shamir A. How to share secret[J]. Communication of Association for Computing Machinery, 2002, 40(11): 612-613.

Relative Articles

Supplements(0)

Cited By

Proportional views