Attribute-based encryption is drawing more attention with its inherent attractive properties which are potential to be widely used in the newly developing cloud computing. However, one of the main obstacles for its ap...Attribute-based encryption is drawing more attention with its inherent attractive properties which are potential to be widely used in the newly developing cloud computing. However, one of the main obstacles for its application is how to revoke the attributes of the users, though some ABE schemes have realized revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or attribute revocation under the indirect revocation model such that all the users' private keys will be affected by the revocation. In this paper, we define the model of CP-ABE supporting the attribute revocation under the direct revocation model, in which the revocation list is embed in the ciphertext and none of the users' private keys will be affected by the revocation process. Then we propose a generic construction, and prove its security with the decision q-BDHE assumption.展开更多
The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,inclu...The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,including enterprises,agents,and government departments.However,the urgent issue that requires immediate attention is how to achieve secure and efficient cross-border data sharing among these government departments and enterprises in complex trade processes.In addressing this need,this paper proposes a data exchange architecture employing Multi-Authority Attribute-Based Encryption(MA-ABE)in combination with blockchain technology.This scheme supports proxy decryption,attribute revocation,and policy update,while allowing each participating entity to manage their keys autonomously,ensuring system security and enhancing trust among participants.In order to enhance system decentralization,a mechanism has been designed in the architecture where multiple institutions interact with smart contracts and jointly participate in the generation of public parameters.Integration with the multi-party process execution engine Caterpillar has been shown to boost the transparency of cross-border information flow and cooperation between different organizations.The scheme ensures the auditability of data access control information and the visualization of on-chain data sharing.The MA-ABE scheme is statically secure under the q-Decisional Parallel Bilinear Diffie-Hellman Exponent(q-DPBDHE2)assumption in the random oracle model,and can resist ciphertext rollback attacks to achieve true backward and forward security.Theoretical analysis and experimental results demonstrate the appropriateness of the scheme for cross-border data collaboration between different institutions.展开更多
The rapid development of personal health records(PHR)systems enables an individual to collect,create,store and share his PHR to authorized entities.Health care systems within the smart city environment require a patie...The rapid development of personal health records(PHR)systems enables an individual to collect,create,store and share his PHR to authorized entities.Health care systems within the smart city environment require a patient to share his PRH data with a multitude of institutions’repositories located in the cloud.The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency,scalability and bandwidth.Fog computing relieves the load of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers.Assuming a massive demand of PHR data within a ubiquitous smart city,we propose a secure and fog assisted framework for PHR systems to address security,access control and privacy concerns.Built under a fog-based architecture,the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption(CP-ABE)to guarantee confidentiality and fine-grained access control within the system respectively.We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy.We provide the analysis of the proposed framework in terms of security and performance.展开更多
文摘Attribute-based encryption is drawing more attention with its inherent attractive properties which are potential to be widely used in the newly developing cloud computing. However, one of the main obstacles for its application is how to revoke the attributes of the users, though some ABE schemes have realized revocation, they mostly focused on the user revocation that revokes the user's whole attributes, or attribute revocation under the indirect revocation model such that all the users' private keys will be affected by the revocation. In this paper, we define the model of CP-ABE supporting the attribute revocation under the direct revocation model, in which the revocation list is embed in the ciphertext and none of the users' private keys will be affected by the revocation process. Then we propose a generic construction, and prove its security with the decision q-BDHE assumption.
基金supported by Hainan Provincial Natural Science Foundation of China Nos.622RC617,624RC485Open Foundation of State Key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2023-1-07).
文摘The advent of the digital age has consistently provided impetus for facilitating global trade,as evidenced by the numerous customs clearance documents and participants involved in the international trade process,including enterprises,agents,and government departments.However,the urgent issue that requires immediate attention is how to achieve secure and efficient cross-border data sharing among these government departments and enterprises in complex trade processes.In addressing this need,this paper proposes a data exchange architecture employing Multi-Authority Attribute-Based Encryption(MA-ABE)in combination with blockchain technology.This scheme supports proxy decryption,attribute revocation,and policy update,while allowing each participating entity to manage their keys autonomously,ensuring system security and enhancing trust among participants.In order to enhance system decentralization,a mechanism has been designed in the architecture where multiple institutions interact with smart contracts and jointly participate in the generation of public parameters.Integration with the multi-party process execution engine Caterpillar has been shown to boost the transparency of cross-border information flow and cooperation between different organizations.The scheme ensures the auditability of data access control information and the visualization of on-chain data sharing.The MA-ABE scheme is statically secure under the q-Decisional Parallel Bilinear Diffie-Hellman Exponent(q-DPBDHE2)assumption in the random oracle model,and can resist ciphertext rollback attacks to achieve true backward and forward security.Theoretical analysis and experimental results demonstrate the appropriateness of the scheme for cross-border data collaboration between different institutions.
基金the Deanship of Scientific Research at King Saud University for funding this work through Vice Deanship of Scientific Research Chairs:Chair of Pervasive and Mobile Computing.
文摘The rapid development of personal health records(PHR)systems enables an individual to collect,create,store and share his PHR to authorized entities.Health care systems within the smart city environment require a patient to share his PRH data with a multitude of institutions’repositories located in the cloud.The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency,scalability and bandwidth.Fog computing relieves the load of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers.Assuming a massive demand of PHR data within a ubiquitous smart city,we propose a secure and fog assisted framework for PHR systems to address security,access control and privacy concerns.Built under a fog-based architecture,the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption(CP-ABE)to guarantee confidentiality and fine-grained access control within the system respectively.We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy.We provide the analysis of the proposed framework in terms of security and performance.
