An attribute-based lightweight cloud data access control using hypergraph structure

The Journal of Supercomputing

Abstract

Cloud file storage systems are the current trend among enterprises and individual users. Because of malicious or unauthorized users, file sharing among cloud users has become the biggest challenge in recent times. Attribute-based signcryption (ABSC) is a versatile cryptographic primitive that achieves fine-grained access control over robust cloud storage. ABSC combines attribute-based encryption (ABE) and attribute-based signatures to achieve privacy-oriented confidentiality along with authenticity. Unfortunately, most present ABE and ABSC schemes incur heavy computational overheads with respect to the key length, the ciphertext size or the expressive access structures used. In this paper, a new ABSC scheme is devised to reduce computational overheads, particularly at the cloud, by introducing a more expressive hypergraph access structure, the Attribute HyperGraph. The proposed system outperforms the schemes of Deng et al. (IEEE Access 6:39473–39486, 2018. https://doi.org/10.1109/ACCESS.2018.2843778), Liu et al. (Future Gener Comput Syst 52:67–76, 2015. https://doi.org/10.1016/j.future.2014.10.014) and Li et al. (IEEE Trans Parallel Distrib Syst 25(8):2201–2210, 2014. https://doi.org/10.1109/TPDS.2013.271), showing lower cloud computation time and, unlike them, requiring no exponentiations. Furthermore, the system does not incur any cryptographic computations associated with designcryption at the cloud, unlike Deng et al. (2018).

References

  1. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Advances in Cryptology—EUROCRYPT 2005. Springer, Berlin, pp 457–473. ISBN 978-3-540-32055-5

  2. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS’06, New York, NY, USA, 2006. ACM, pp 89–98. ISBN 1-59593-518-5. https://doi.org/10.1145/1180405.1180418

  3. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy (SP’07), pp 321–334. https://doi.org/10.1109/sp.2007.11

  4. Chase M (2007) Multi-authority attribute-based encryption. In: Theory of Cryptography. Springer, Berlin, pp 515–534. ISBN 978-3-540-70936-7

  5. Wang G, Liu Q, Wu J, Guo M (2011) Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput Secur 30(5):320–331. https://doi.org/10.1016/j.cose.2011.05.006

  6. Attrapadung N, Imai H (2009) Conjunctive broadcast and attribute-based encryption. In: Shacham H, Waters B (eds) Pairing-Based Cryptography—Pairing 2009. Springer, Berlin, pp 248–265. ISBN 978-3-642-03298-1

  7. Pandit T, Pandey SK, Barua R (2014) Attribute-based signcryption: signer privacy, strong unforgeability and IND-CCA2 security in adaptive-predicates attack. In: Chow SSM, Liu JK, Hui LCK, Yiu SM (eds) Provable Security. Springer International Publishing, Cham, pp 274–290. ISBN 978-3-319-12475-9

  8. Liu Z, Cao Z, Wong DS (2013) White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans Inf Forensics Secur 8(1):76–88. https://doi.org/10.1109/TIFS.2012.2223683

  9. Zhang Y, Zheng D (2017) Anonymous attribute-based encryption with large universe and threshold access structures. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol 1, pp 870–874. https://doi.org/10.1109/cse-euc.2017.175

  10. Wolf MM, Klinvex AM, Dunlavy DM (2016) Advantages to modeling relational data using hypergraphs versus graphs. In: 2016 IEEE High Performance Extreme Computing Conference (HPEC), pp 1–7. https://doi.org/10.1109/hpec.2016.7761624

  11. Deng F, Wang Y, Peng L, Xiong H, Geng J, Qin Z (2018) Ciphertext-policy attribute-based signcryption with verifiable outsourced designcryption for sharing personal health records. IEEE Access 6:39473–39486. https://doi.org/10.1109/ACCESS.2018.2843778

  12. Xu Q, Tan C, Fan Z, Zhu W, Xiao Y, Cheng F (2018) Secure multi-authority data access control scheme in cloud storage system based on attribute-based signcryption. IEEE Access 6:34051–34074. https://doi.org/10.1109/ACCESS.2018.2844829

  13. Xue K, Chen W, Li W, Hong J, Hong P (2018) Combining data owner-side and cloud-side access control for encrypted cloud storage. IEEE Trans Inf Forensics Secur 13(8):2062–2074. https://doi.org/10.1109/TIFS.2018.2809679

  14. Agrawal S, Chase M (2017) FAME: fast attribute-based message encryption. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS’17. ACM, pp 665–682. ISBN 978-1-4503-4946-8. https://doi.org/10.1145/3133956.3134014

  15. Lee C-C, Chung P-S, Hwang M-S (2013) A survey on attribute-based encryption schemes of access control in cloud environments. Int J Netw Secur 15(4):231–240. https://doi.org/10.6633/IJNS.201307.15(4).01

  16. Liu Z, Liu Y, Fan Y (2018) Searchable attribute-based signcryption scheme for electronic personal health record. IEEE Access 6:76381–76394. https://doi.org/10.1109/ACCESS.2018.2878527

  17. Debnath S, Nunsanga MVL, Bhuyan B (2019) Study and scope of signcryption for cloud data access control. In: Advances in computer, communication and control. Springer Singapore, pp 113–126. ISBN 978-981-13-3122-0

  18. Ruj S (2014) Attribute based access control in clouds: a survey. In: 2014 International Conference on Signal Processing and Communications (SPCOM), pp 1–6. https://doi.org/10.1109/spcom.2014.6983992

  19. Li Q, Zhu H (2017) Multi-authority attribute-based access control scheme in mhealth cloud with unbounded attribute universe and decryption outsourcing. In: 2017 9th International Conference on Wireless Communications and Signal Processing (WCSP), pp 1–7. https://doi.org/10.1109/wcsp.2017.8171106

  20. Yundong F, ** W, Jiasheng W (2017) Multi-authority attribute-based encryption access control scheme with hidden policy and constant length ciphertext for cloud storage. In: 2017 IEEE Second International Conference on Data Science in Cyberspace (DSC), pp 205–212. https://doi.org/10.1109/dsc.2017.10

  21. Yang K, Jia X (2012) Attributed-based access control for multi-authority systems in cloud storage. In: 2012 IEEE 32nd International Conference on Distributed Computing Systems, pp 536–545. https://doi.org/10.1109/icdcs.2012.42

  22. Sreenivasa Rao Y (2017) A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing. Future Gener Comput Syst 67:133–151. https://doi.org/10.1016/j.future.2016.07.019

  23. He K, Guo J, Weng J, Weng J, Liu JK, Yi X (2018) Attribute-based hybrid Boolean keyword search over outsourced encrypted data. IEEE Trans Dependable Secure Comput. https://doi.org/10.1109/TDSC.2018.2864186

  24. Nikam R, Potey M (2016) Cloud storage security using multi-factor authentication. In: 2016 International Conference on Recent Advances and Innovations in Engineering (ICRAIE), pp 1–7. https://doi.org/10.1109/icraie.2016.7939528

  25. Jemel M, Serhrouchni A (2017) Decentralized access control mechanism with temporal dimension based on blockchain. In: 2017 IEEE 14th International Conference on e-Business Engineering (ICEBE), pp 177–182. https://doi.org/10.1109/icebe.2017.35

  26. Zhou D, Huang J, Schölkopf B (2006) Learning with hypergraphs: clustering, classification, and embedding. In: Proceedings of the 19th International Conference on Neural Information Processing Systems, NIPS’06, pp 1601–1608. MIT Press, Cambridge. http://dl.acm.org/citation.cfm?id=2976456.2976657

  27. Rich. Human resources data set (Version 3) - Version 13 of dataset. https://www.kaggle.com/rhuebner/human-resources-data-set

  28. Bethencourt J, Sahai A, Waters B (2011) Advanced crypto software collection: the cpabe toolkit. http://acsc.cs.utexas.edu/cpabe. Accessed 24 Mar 2011

  29. PKCS1-PSS sign method. https://www.dlitz.net/software/pycrypto/api/current/Crypto.Signature.PKCS1_PSS-module.html. Accessed 24 Mar 2012

  30. Liu J, Huang X, Liu JK (2015) Secure sharing of personal health records in cloud computing: ciphertext-policy attribute-based signcryption. Future Gener Comput Syst 52:67–76. https://doi.org/10.1016/j.future.2014.10.014 (Special Section: Cloud Computing: Security, Privacy and Practice)

  31. Li J, Huang X, Li J, Chen X, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210. https://doi.org/10.1109/TPDS.2013.271

Author information

Corresponding author

Correspondence to R. Mythili.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix

1.1 Security algorithmic phases of AHG-CPABSC scheme

This appendix lists our security algorithms. The security proof is outside the scope of this paper and is left as future work.

Signature used in the proposed system

The signature used by the system follows the Rivest–Shamir–Adleman (RSA) implementation of the Public-Key Cryptography Standards (PKCS 1) [29]. The system generates the public key and private key as follows:

  1. Two random prime numbers (namely \( p \) and \( q \)) are selected

  2. \( \lambda (n) \) is calculated as \( \lambda (n) = {\text{lcm}}(p - 1,q - 1) \), where \( \lambda \) is Carmichael’s totient function, \( n = pq \) and \( {\text{lcm}} \) is the least common multiple

  3. An integer \( e \) is chosen such that \( 1 < e < \lambda (n) \) and \( \gcd (e,\lambda (n)) = 1 \), where \( \gcd \) is the greatest common divisor

  4. An integer \( d \) is computed such that \( de \equiv 1 \;\bmod \;\lambda (n) \)

Public key \( \upsilon = (e,n) \)

Private key \( r = (d,n) \)

The steps for signing the data are as follows:

  1. The hash \( h \) of the plaintext is calculated using the SHA256 algorithm

  2. The hash \( h \) is encrypted using the RSA private key of the signer (sender) to obtain the signature: \( S = h^{d} \;\bmod \; n \)

The steps for verifying the data are as follows:

  1. The hash \( h^{\prime } \) of the plaintext is calculated using the SHA256 algorithm

  2. The hash \( h \) is obtained by decrypting the signature \( S \) using the RSA public key of the signer (sender): \( h = S^{e} \;\bmod \;n \)

  3. The signature is verified if \( h \) and \( h^{\prime } \) are equal.
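The key generation, signing and verification steps above, as an added Python example that is not the authors' code: it carries out exactly the unpadded arithmetic the appendix lists, including the use of \( \lambda (n) \) rather than Euler's totient. The primes `P` and `Q`, the function names and the sample message are constructed for illustration.

```python
import hashlib
from math import gcd

# Constructed demo primes (Mersenne primes 2^521-1 and 2^607-1): large enough
# that a SHA-256 digest is smaller than n, but NOT a secure choice of primes.
P = 2**521 - 1
Q = 2**607 - 1


def keygen(p, q, e=65537):
    """Key generation steps 1-4: return ((e, n), (d, n))."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)    # lambda(n) = lcm(p-1, q-1)
    if not (1 < e < lam) or gcd(e, lam) != 1:
        raise ValueError("need 1 < e < lambda(n) and gcd(e, lambda(n)) = 1")
    d = pow(e, -1, lam)                             # d*e = 1 mod lambda(n)
    return (e, n), (d, n)


def digest_int(message, n):
    """SHA-256 of the plaintext as an integer h; h must be below n."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    if h >= n:
        raise ValueError("modulus too small for a SHA-256 digest")
    return h


def sign(message, private):
    d, n = private
    return pow(digest_int(message, n), d, n)        # S = h^d mod n


def verify(message, signature, public):
    e, n = public
    if not 0 <= signature < n:                      # reject out-of-range S
        return False
    h_prime = digest_int(message, n)                # h' from received plaintext
    h = pow(signature, e, n)                        # h = S^e mod n
    return h == h_prime


if __name__ == "__main__":
    pub, priv = keygen(P, Q)
    sig = sign(b"constructed sample record", priv)
    print(verify(b"constructed sample record", sig, pub))   # unmodified data
    print(verify(b"constructed sample recorD", sig, pub))   # altered data
```

The PKCS1-PSS method cited in [29] additionally applies a randomized encoding to the hash before the private-key exponentiation, so a deployment should call a maintained library's PSS implementation rather than this bare arithmetic.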

Cite this article

Mythili, R., Venkataraman, R. & Sai Raj, T. An attribute-based lightweight cloud data access control using hypergraph structure. J Supercomput 76, 6040–6064 (2020). https://doi.org/10.1007/s11227-019-03119-7

  • DOI: https://doi.org/10.1007/s11227-019-03119-7