Visible to the public Biblio

Filters: Keyword is policy revocation  [Clear All Filters]
2021-05-26
Wah Myint, Phyo Wah, Hlaing, Swe Zin, Htoon, Ei Chaw.  2020.  EAC: Encryption Access Control Scheme for Policy Revocation in Cloud Data. 2020 International Conference on Advanced Information Technologies (ICAIT). :182—187.

Since a lot of information is outsourcing into cloud servers, data confidentiality becomes a higher risk to service providers. To assure data security, Ciphertext Policy Attributes-Based Encryption (CP-ABE) is observed for the cloud environment. Because ciphertexts and secret keys are relying on attributes, the revocation issue becomes a challenge for CP-ABE. This paper proposes an encryption access control (EAC) scheme to fulfill policy revocation which covers both attribute and user revocation. When one of the attributes in an access policy is changed by the data owner, the authorized users should be updated immediately because the revoked users who have gained previous access policy can observe the ciphertext. Especially for data owners, four types of updating policy levels are predefined. By classifying those levels, each secret token key is distinctly generated for each level. Consequently, a new secret key is produced by hashing the secret token key. This paper analyzes the execution times of key generation, encryption, and decryption times between non-revocation and policy revocation cases. Performance analysis for policy revocation is also presented in this paper.

2020-08-17
Myint, Phyo Wah Wah, Hlaing, Swe Zin, Htoon, Ei Chaw.  2019.  Policy-based Revolutionary Ciphertext-policy Attributes-based Encryption. 2019 International Conference on Advanced Information Technologies (ICAIT). :227–232.
Ciphertext-policy Attributes-based Encryption (CP-ABE) is an encouraging cryptographic mechanism. It behaves an access control mechanism for data security. A ciphertext and secret key of user are dependent upon attributes. As a nature of CP-ABE, the data owner defines access policy before encrypting plaintext by his right. Therefore, CP-ABE is suitable in a real environment. In CP-ABE, the revocation issue is demanding since each attribute is shared by many users. A policy-based revolutionary CP-ABE scheme is proposed in this paper. In the proposed scheme, revocation takes place in policy level because a policy consists of threshold attributes and each policy is identified as a unique identity number. Policy revocation means that the data owner updates his policy identity number for ciphertext whenever any attribute is changed in his policy. To be a flexible updating policy control, four types of updating policy levels are identified for the data owner. Authorized user gets a secret key from a trusted authority (TA). TA updates the secret key according to the policy updating level done by the data owner. This paper tests personal health records (PHRs) and analyzes execution times among conventional CP-ABE, other enhanced CP-ABE and the proposed scheme.