Skip to main content
placeholder image

Attribute-Based Hierarchical Access Control With Extendable Policy

Journal Article


Abstract


  • Attribute-based encryption scheme is a promising mechanism to realize one-to-many fine-grained access control which strengthens the security in cloud computing. However, massive amounts of data and various data sharing requirements bring great challenges to the complex but isolated and fixed access structures in most of the existing attribute-based encryption schemes. In this paper, we propose an attribute-based hierarchical encryption scheme with extendable policy, called Extendable Hierarchical Ciphertext-Policy Attribute-Based Encryption (EH-CP-ABE), to improve the data sharing efficiency and security simultaneously. The scheme realizes the function of hierarchical encryption, in which, data with hierarchical access control relationships could be encrypted together flexibly to improve the efficiency. The scheme also achieves external and internal extension of the access structure to further encrypt newly added hierarchical data without updating the original ciphertexts or with only a minor update depending on the data sharing requirements, which simplifies the encryption process and greatly reduces the computation overhead. We formally prove the security of the scheme is IND-CCA secure in the random oracle model based on bilinear Diffie-Hellman assumption, and we also implement our scheme to demonstrate its efficiency and practicality.

Publication Date


  • 2022

Citation


  • Xiao, M., Li, H., Huang, Q., Yu, S., & Susilo, W. (2022). Attribute-Based Hierarchical Access Control With Extendable Policy. IEEE Transactions on Information Forensics and Security, 17, 1868-1883. doi:10.1109/TIFS.2022.3173412

Scopus Eid


  • 2-s2.0-85130647606

Start Page


  • 1868

End Page


  • 1883

Volume


  • 17

Abstract


  • Attribute-based encryption scheme is a promising mechanism to realize one-to-many fine-grained access control which strengthens the security in cloud computing. However, massive amounts of data and various data sharing requirements bring great challenges to the complex but isolated and fixed access structures in most of the existing attribute-based encryption schemes. In this paper, we propose an attribute-based hierarchical encryption scheme with extendable policy, called Extendable Hierarchical Ciphertext-Policy Attribute-Based Encryption (EH-CP-ABE), to improve the data sharing efficiency and security simultaneously. The scheme realizes the function of hierarchical encryption, in which, data with hierarchical access control relationships could be encrypted together flexibly to improve the efficiency. The scheme also achieves external and internal extension of the access structure to further encrypt newly added hierarchical data without updating the original ciphertexts or with only a minor update depending on the data sharing requirements, which simplifies the encryption process and greatly reduces the computation overhead. We formally prove the security of the scheme is IND-CCA secure in the random oracle model based on bilinear Diffie-Hellman assumption, and we also implement our scheme to demonstrate its efficiency and practicality.

Publication Date


  • 2022

Citation


  • Xiao, M., Li, H., Huang, Q., Yu, S., & Susilo, W. (2022). Attribute-Based Hierarchical Access Control With Extendable Policy. IEEE Transactions on Information Forensics and Security, 17, 1868-1883. doi:10.1109/TIFS.2022.3173412

Scopus Eid


  • 2-s2.0-85130647606

Start Page


  • 1868

End Page


  • 1883

Volume


  • 17