计算机科学
加密
广播加密
云计算
密文
基于属性的加密
计算机安全
数据共享
计算机网络
客户端加密
访问控制
动态加密
公钥密码术
操作系统
病理
替代医学
医学
作者
Hua Deng,Jixin Zhang,Zheng Qin,Qianhong Wu,Hui Yin,Aniello Castiglione
标识
DOI:10.1109/tdsc.2021.3080282
摘要
Cloud storage services allow data owners to outsource their potentially sensitive data (e.g., private genome data) to remote cloud servers in a ciphertext form. To enable data owners to further share the data encrypted in ciphertexts, many proxy re-encryption (PRE) schemes are proposed. However, most schemes only support single-recipient or coarse-grained re-encryption, which may limit the flexibility for data sharing. To address this issue, we propose a Policy-based Broadcast Access Authorization (PBAA) scheme by introducing the well-established identity-based broadcast encryption (IBBE) and key-policy attribute-based encryption into PRE. In our PBAA scheme, a data owner can apply IBBE to encrypt his data to a group of recipients. More importantly, the data owner can generate a delegation key with an access policy, and send this key to the cloud such that it can convert any initial ciphertext satisfying the access policy into a new ciphertext for a new group of recipients. With these features, cloud users can share their remote data in a secure and flexible way. Security analysis and performance evaluation show that the PBAA scheme is secure and efficient, respectively.
科研通智能强力驱动
Strongly Powered by AbleSci AI