Abstract
Disclosure of sensitive data leads to identity theft and violation of privacy. The untrusted cloud service provider (CSP) may try to disclose/misuse the data. It is necessary to provide access control and security over the outsourced and shared data to hide it from the CSP and unauthorized users. Traditional access control schemes are prone to security threats in the cloud environment. Attribute-based access control schemes (ABAC) are well suited for the cloud environment. Attribute-based encryption (ABE) is a promising cryptographic solution to provide fine-grained access control over the shared data. It selectively shares the data among the users and hides data from the CSP and unauthorized users. It preserves the privacy of users and the security of data being shared. Users can decrypt the data only if their attributes are satisfied with the access policy associated in the ciphertext. This paper presents a comprehensive survey of the ABE schemes. Taxonomy, performance comparison, and applications of ABE schemes are dealt with. The taxonomy and performance comparison help the selection of the most suitable ABE scheme based on specific usage scenarios. Thus, the survey opens up very interesting avenues for further research in this area, which are also discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Cryptography-PKC 2011. Springer Berlin Heidelberg, pp 53, 70
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceedings of the IEEE symposium on security and privacy, pp 321–334
Xu S, Yang G, Mu Y, Deng RH (2018) Secure fine-grained access control and data sharing for dynamic groups in cloud. IEEE Trans Inf Forensics Secur
Ruj S, Stojmenovic M, Nayak A (2014) Decentralized access control with anonymous authentication of data stored in clouds. IEEE Trans Parallel Distrib Syst 25(2):384–394
Deng H, Wu Q, Qin B, Domingo-Ferrer J, Zhang L, Liu J, Shi W (2014) Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Inf Sci 275:370–384
Hur J (2013) Improving security and efficiency in attribute-based data sharing. IEEE Trans Knowl Data Eng 25(10)
Huang Q, Yang Y, Shen M (2017) Secure and efficient data collaboration with hierarchical attribute-based encryption in cloud computing. Future Gener Comput Syst 72:239, 249
Hur J (2013) Attribute-based secure data sharing with hidden policies in smart grid. IEEE Trans Parallel Distrib Syst 24(11):2171–2180
Teng W, Yang G, **ang Y, Zhang T, Wang D (2015) Attributebased access control with constant-size ciphertext in cloud computing. IEEE Trans Cloud Comput 99:1–11
Chase M, Chow SSM (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM conference on computer and communications security, pp 121–130
Muller S, Katzenbeisser S (2008) Distributed attribute-based encryption. ICISC, Lect Notes Comput Sci Springer 5461:20–36
Lewko AB, Waters B (2011) Decentralizing attribute-based encryption. In: Proceedings of the Annual international conference on the theory and applications of cryptographic techniques (EUROCRYPT), pp 568–588
Ruj S, Stojmenovic M, Nayak A (2012) Privacy preserving access control with authentication for securing data in clouds. In: 12th IEEE/ACM international symposium on cluster, cloud and grid computing, pp 556–563
Wan Z, Liu J, Deng RH (2012) HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans Inf Forensics Secur 7(2):743–754
Wang G, Liu Q, Wu J (2010) Hierarchical attribute-based encryption for finegrained access control in cloud storage services. In: Proceedings of the 17th ACM conference on computer and communications security (CCS), pp 735–737
Ruj S, Nayak A, Stojmenovic I (2011) DACC: distributed access control in clouds. In: IEEE 10th international conference on trust, security and privacy in computing and communications (TrustCom), pp 91–98
Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM symposium on information, computer and communications security (ASIACCS), pp 261–270
Li M, Yu S, Ren K, Lou W (2010) Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Proceedings of the sixth international ICST conference on security and privacy in communication networks (SecureComm), pp 89–106
Li M, Yu S, Yao Z, Kui R, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: International conference on advances in cryptology (EUROCRYPT), pp 457–473
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: ACM conference on computer and communication security, pp 89–98
Cheung L, Newport C (2007) Provably secure ciphertext-policy attribute-based encryption. In: ACM conference on computer and communication security, pp 456–465
Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. In: Proceedings of the USENIX security symposium, vol 3
Yang K, Jia X, Ren K (2012) Dac-macs: effective data access control for multiauthority cloud storage systems. In: IACR cryptology ePrint Archive, pp 419–429
Zhao F, Nishide T, Sakurai K (2011) Realizing fine-grained and flexible access control to outsourced data with attribute-based cryptosystems. In: Seventh international conference on information security practice and experience (ISPEC), pp 83–97
Nishide T, Yoneyamma K, Ohta K (2008) Attribute-based encryption with partially hidden encryptor-specified access structures. In: ACNS, pp 111–129
Keita Emura, Atsuko Miyaji, Akito Nomura, Kazumasa Omote, Masakazu Soshi (2009) A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. Lect Notes Comput Sci 5451:13–23
Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sabitha, S., Rajasree, M.S. (2020). Attribute-Based Access Control Schemes in Cloud: Performance and Research Directions. In: Sharma, D.K., Balas, V.E., Son, L.H., Sharma, R., Cengiz, K. (eds) Micro-Electronics and Telecommunication Engineering. Lecture Notes in Networks and Systems, vol 106. Springer, Singapore. https://doi.org/10.1007/978-981-15-2329-8_24
Download citation
DOI: https://doi.org/10.1007/978-981-15-2329-8_24
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-2328-1
Online ISBN: 978-981-15-2329-8
eBook Packages: EngineeringEngineering (R0)