Issue No. 02 - July-December (2013 vol. 1)
pp: 172-186
Piotr K. Tysowski, University of Waterloo, Waterloo
M. Anwarul Hasan, University of Waterloo, Waterloo
Outsourcing data to the cloud is beneficial for reasons of economy, scalability, and accessibility, but significant technical challenges remain. Sensitive data stored in the cloud must be protected from being read in the clear by a cloud provider that is honest-but-curious. Additionally, cloud-based data are increasingly being accessed by resource-constrained mobile devices for which the processing and communication cost must be minimized. Novel modifications to attribute-based encryption are proposed to allow authorized users access to cloud data based on the satisfaction of required attributes such that the higher computational load from cryptographic operations is assigned to the cloud provider and the total communication cost is lowered for the mobile user. Furthermore, data re-encryption may be optionally performed by the cloud provider to reduce the expense of user revocation in a mobile user environment while preserving the privacy of user data stored in the cloud. The proposed protocol has been realized on commercially popular mobile and cloud platforms to demonstrate real-world benchmarks that show the efficacy of the scheme. A simulation calibrated with the benchmark results shows the scalability potential of the scheme in the context of a realistic workload in a mobile cloud computing system.
Mobile communication, Encryption, Computational modeling, Outsourcing, Computer security, Scalability, Cloud computing, scalability, Distributed computing, mobile computing, security, cryptography
Piotr K. Tysowski, M. Anwarul Hasan, "Hybrid Attribute- and Re-Encryption-Based Key Management for Secure and Scalable Mobile Applications in Clouds", IEEE Transactions on Cloud Computing, vol. 1, no. 2, pp. 172-186, July-December 2013, doi:10.1109/TCC.2013.11