Secure access privilege delegation using attribute-based encryption

  • Regular Contribution
  • International Journal of Information Security

Abstract

Attribute-based encryption (ABE) is widely used for secure and efficient data sharing. The predetermined access policy of ABE shares the data with the intended data users. However, ABE is not preferable in many applications that require collaboration among data users. In such applications, an authorized data user may want to collaborate with another data user who does not satisfy the access policy. The fixed access policy of ABE does not allow an authorized data user (who satisfies the access policy) to collaborate or share the data with any unauthorized data user (who fails to satisfy the access policy). Thus, due to the static and predefined access policy, data collaboration in ABE is significantly challenging. In this work, we attempt to address this important issue of ABE through a proxy re-encryption mechanism. We have formally proved the security of our proposed system. Moreover, we have demonstrated that the proposed system permits revocation of delegation rights.

Data availability

Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.

Author information

Corresponding author

Correspondence to Suryakanta Panda.

Ethics declarations

Conflicts of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Panda, S., Mondal, S., Das, A.K. et al. Secure access privilege delegation using attribute-based encryption. Int. J. Inf. Secur. 22, 1261–1276 (2023). https://doi.org/10.1007/s10207-023-00690-2

  • DOI: https://doi.org/10.1007/s10207-023-00690-2