Research article

Secure access control using updateable attribute keys


  • Received: 09 April 2022 Revised: 15 July 2022 Accepted: 01 August 2022 Published: 09 August 2022
  • In the era of cloud computing, the technique of access control is vital to protect the confidentiality and integrity of cloud data. From the perspective of servers, they should only allow authenticated clients to gain the access of data. Specifically, the server will share a communication channel with the client by generating a common session key. It is thus regarded as a symmetric key for encrypting data in the current channel. An access control mechanism using attribute-based encryptions is most flexible, since the decryption privilege can be granted to the ones who have sufficient attributes. In the paper, the authors propose a secure access control consisting of the attributed-based mutual authentication and the attribute-based encryption. The most appealing property of our system is that the attribute keys associated with each user is periodically updatable. Moreover, we will also show that our system fulfills the security of fuzzy selective-ID assuming the hardness of Decisional Modified Bilinear Diffie-Hellman (DMBDH) problem.

    Citation: Han-Yu Lin, Tung-Tso Tsai, Hong-Ru Wu, Miao-Si Ku. Secure access control using updateable attribute keys[J]. Mathematical Biosciences and Engineering, 2022, 19(11): 11367-11379. doi: 10.3934/mbe.2022529

    Related Papers:

  • In the era of cloud computing, the technique of access control is vital to protect the confidentiality and integrity of cloud data. From the perspective of servers, they should only allow authenticated clients to gain the access of data. Specifically, the server will share a communication channel with the client by generating a common session key. It is thus regarded as a symmetric key for encrypting data in the current channel. An access control mechanism using attribute-based encryptions is most flexible, since the decryption privilege can be granted to the ones who have sufficient attributes. In the paper, the authors propose a secure access control consisting of the attributed-based mutual authentication and the attribute-based encryption. The most appealing property of our system is that the attribute keys associated with each user is periodically updatable. Moreover, we will also show that our system fulfills the security of fuzzy selective-ID assuming the hardness of Decisional Modified Bilinear Diffie-Hellman (DMBDH) problem.



    加载中


    [1] M. Lim, C2CFTP: direct and indirect file transfer protocols between clients in client-server architecture, IEEE Access, 8 (2020), 102833–102845. https://doi.org/10.1109/ACCESS.2020.2998725 doi: 10.1109/ACCESS.2020.2998725
    [2] H. Nishida, T. Nguyen, Optimal client-server assignment for internet distributed systems, IEEE Trans. Parallel Distrib. Syst., 24 (2013), 565–575. https://doi.org/10.1109/TPDS.2012.169 doi: 10.1109/TPDS.2012.169
    [3] R. Padilha, F. Pedone, Confidentiality in the cloud, IEEE Secur. Privacy, 13 (2015), 57–60. https://doi.org/10.1109/MSP.2015.4 doi: 10.1109/MSP.2015.4
    [4] C. K. D. S. Rodrigues, V. Rocha, Towards blockchain for suitable efficiency and data integrity of iot ecosystem transactions, IEEE Lat. Am. Trans., 19 (2021), 1199–1206. https://doi.org/10.1109/TLA.2021.9461849 doi: 10.1109/TLA.2021.9461849
    [5] J. Seto, Y. Wang, X. Lin, User-habit-oriented authentication model: toward secure, user-friendly authentication for mobile devices, IEEE Trans. Emerging Top. Comput., 3 (2015), 107–118. https://doi.org/10.1109/TETC.2014.2379991 doi: 10.1109/TETC.2014.2379991
    [6] L. Lamport, Password authentication with insecure communication, Commun. ACM, 24 (1981), 770–772. https://doi.org/10.1145/358790.358797 doi: 10.1145/358790.358797
    [7] C. L. Lin, H. M. Sun, T. Hwang, Attacks and solutions on strong-password authentication, IEICE Trans. Commun., E84-B (2001), 2622–2627.
    [8] M. L. Das, A. Saxana, V. P. Gulati, A dynamic ID-based remote user authentication scheme, IEEE Trans. Consum. Electron., 50 (2004), 629–631. https://doi.org/10.1109/TCE.2004.1309441 doi: 10.1109/TCE.2004.1309441
    [9] Y. Y. Wang, J. Y. Liu, F. X. Xiao, J. Dan, A more efficient and secure dynamic ID-based remote user authentication scheme, Comput. Commun., 32 (2009), 583–585. https://doi.org/10.1016/j.comcom.2008.11.008 doi: 10.1016/j.comcom.2008.11.008
    [10] M. K. Khan, S. K. Kim, K. Alghathbar, Cryptanalysis and security enhancement of a more efficient and secure dynamic ID-based remote user authentication scheme, Comput. Commun., 34 (2011), 305–309. https://doi.org/10.1016/j.comcom.2010.02.011 doi: 10.1016/j.comcom.2010.02.011
    [11] K. Liang, W. Susilo, Searchable attribute-based mechanism with efficient data sharing for secure cloud storage, IEEE Trans. Inf. Forensics Secur., 10 (2015), 1981–1992. https://doi.org/10.1109/TIFS.2015.2442215 doi: 10.1109/TIFS.2015.2442215
    [12] L. Zhang, J. Zhang, Y. Mu, Novel leakage-resilient attribute-based encryption from hash proof system, Comput. J., 60 (2017), 541–554. https://doi.org/10.1093/comjnl/bxw070 doi: 10.1093/comjnl/bxw070
    [13] C. Lan, C. Wang, H. Li, L. Liu, Comments on attribute-based data sharing scheme revisited in cloud computing, IEEE Trans. Inf. Forensics Secur., 16 (2021), 2579–2580. https://doi.org/10.1109/TIFS.2021.3058758 doi: 10.1109/TIFS.2021.3058758
    [14] M. Joshi, K. P. Joshi, T. Finin, Delegated authorization framework for EHR services using attribute-based encryption, IEEE Trans. Serv. Comput., 14 (2021), 1612–1623. https://doi.org/10.1109/TSC.2019.2917438 doi: 10.1109/TSC.2019.2917438
    [15] J. Sun, H. Xiong, X. Nie, Y. Zhang, P. Wu, On the security of privacy-preserving attribute-based keyword search in shared multi-owner setting, IEEE Trans. Dependable Secure Comput., 18 (2021), 2518–2519. https://doi.org/10.1109/TDSC.2019.2953744 doi: 10.1109/TDSC.2019.2953744
    [16] Q. Huang, Z. Ma, Y. Yang, X. Niu, J. Fu, Attribute based DRM scheme with dynamic usage control in cloud computing, China Commun., 11 (2014), 50–63. https://doi.org/10.1109/CC.2014.6827568 doi: 10.1109/CC.2014.6827568
    [17] Q. Xu, C. Tan, Z. Fan, W. Zhu, Y. Xiao, F. Cheng, Secure multi-authority data access control scheme in cloud storage system based on attribute-based signcryption, IEEE Access, 6 (2018), 34051–34074. https://doi.org/10.1109/ACCESS.2018.2844829 doi: 10.1109/ACCESS.2018.2844829
    [18] Y. Miao, J. Ma, X. Liu, X. Li, Z. Liu, H. Li, Practical attribute-based multi-keyword search scheme in mobile crowdsourcing, IEEE Internet Things J., 5 (2018), 3008–3018. https://doi.org/10.1109/JIOT.2017.2779124 doi: 10.1109/JIOT.2017.2779124
    [19] S. Zhu, L. Zhan, H. Qiang, D. Fu, W. Sun, Y. Tang, A fuzzy attribute-based authentication scheme on the basis of Lagrange polynomial interpolation, in Proceedings of International Conference on Human Centered Computing (HCC'14), (2014), 685–692. https://doi.org/10.1007/978-3-319-15554-8_57
    [20] J. P. Yun, H. Kim, D. H. Lee, An improved fuzzy attribute-based authentication, in Proceedings of 2015 5th International Conference on IT Convergence and Security (ICITCS'15), (2015), 1–5. https://doi.org/10.1109/ICITCS.2015.7292946
    [21] H. Y. Lin, P. Y. Ting, H. R. Wu, An attribute-based mutual authentication scheme with time-bounded keys, in Proceedings of the 2019 the 3rd International Conference on Telecommunications and Communication Engineering (ICTCE 2019), (2019), 75–79. https://doi.org/10.1145/3369555.3369568
    [22] J. Hao, J. Liu, H. Wang, L. Liu, M. Xian, X. Shen, Efficient attribute-based access control with authorized search in cloud storage, IEEE Access, 7 (2019), 182772–182783. https://doi.org/10.1109/ACCESS.2019.2906726 doi: 10.1109/ACCESS.2019.2906726
    [23] Y. Xie, H. Wen, B. Wu, Y. Jiang, J. Meng, A modified hierarchical attribute-based encryption access control method for mobile cloud computing, IEEE Trans. Cloud Comput., 7 (2019), 383–391. https://doi.org/10.1109/TCC.2015.2513388 doi: 10.1109/TCC.2015.2513388
    [24] S. Roy, A. K. Das, S. Chatterjee, N. Kumar, S. Chattopadhyay, J. J. P. C. Rodrigues, Provably secure fine-grained data access control over multiple cloud servers in mobile cloud computing based healthcare applications, IEEE Trans. Ind. Inf., 15 (2019), 457–468. https://doi.org/10.1109/TⅡ.2018.2824815 doi: 10.1109/TⅡ.2018.2824815
    [25] J. Hong, K. Xue, Y. Xue, W. Chen, D. S. L. Wei, N. Yu, et al., TAFC: time and attribute factors combined access control for time-sensitive data in public cloud, IEEE Trans. Serv. Comput., 13 (2020), 158–171. https://doi.org/10.1109/TSC.2017.2682090 doi: 10.1109/TSC.2017.2682090
    [26] H. Ma, R. Zhang, S. Sun, Z. Song, G. Tan, Server-aided fine-grained access control mechanism with robust revocation in cloud computing, IEEE Trans. Serv. Comput., 15 (2022), 164–173. https://doi.org/10.1109/TSC.2019.2925028 doi: 10.1109/TSC.2019.2925028
    [27] A. Candan, An efficient filtering structure for Lagrange interpolation, IEEE Signal Process Lett., 14 (2007), 17–19. https://doi.org/10.1109/LSP.2006.881528 doi: 10.1109/LSP.2006.881528
    [28] Z. Ergul, I. Bosch, L. Gurel, Two-step lagrange interpolation method for the multilevel fast multipole algorithm, IEEE Antennas Wirel. Propag. Lett., 8 (2009), 69–71. https://doi.org/10.1109/LAWP.2008.2011063 doi: 10.1109/LAWP.2008.2011063
    [29] S. D. Galbraith, K. G. Paterson, N. P. Smart, Pairings for cryptographers, Discrete Appl. Math., 156 (2008), 3113–3121. https://doi.org/10.1016/J.DAM.2007.12.010 doi: 10.1016/J.DAM.2007.12.010
    [30] R. C. Márquez, A. J. C. Sarmiento, S. Sánchez-Solano, Implementing cryptographic pairings on ARM dual-core processors, IEEE Lat. Am. Trans., 18 (2020), 232–240. https://doi.org/10.1109/TLA.2020.9085275 doi: 10.1109/TLA.2020.9085275
    [31] J. S. Balakrishnan, A. Besser, Computing local p-adic height pairings on hyperelliptic curves, Int. Math. Res. Not., 2012 (2012), 2405–2444. https://doi.org/10.1093/imrn/rnr111 doi: 10.1093/imrn/rnr111
  • Reader Comments
  • © 2022 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)
通讯作者: 陈斌, bchen63@163.com
  • 1. 

    沈阳化工大学材料科学与工程学院 沈阳 110142

  1. 本站搜索
  2. 百度学术搜索
  3. 万方数据库搜索
  4. CNKI搜索

Metrics

Article views(1407) PDF downloads(45) Cited by(0)

Article outline

Figures and Tables

Figures(1)  /  Tables(3)

Other Articles By Authors

/

DownLoad:  Full-Size Img  PowerPoint
Return
Return

Catalog