Light weight and fine-grained access mechanism for secure access to outsourced data*

Mosarrat Jahan, Suranga Seneviratne, Partha Sarathi Roy, Kouichi Sakurai, Aruna Seneviratne, Sanjay Jha

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.

Original languageEnglish
JournalConcurrency Computation
DOIs
Publication statusAccepted/In press - Jan 1 2018

Fingerprint

Mobile devices
Cryptography
Network protocols
Testbeds
Access control
Attribute
Mobile Devices
Encryption
Revocation
Signature Scheme
Access Control
Testbed
Theoretical Analysis
Resources
Policy
Experimental Results

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Computer Science Applications
  • Computer Networks and Communications
  • Computational Theory and Mathematics

Cite this

Light weight and fine-grained access mechanism for secure access to outsourced data*. / Jahan, Mosarrat; Seneviratne, Suranga; Roy, Partha Sarathi; Sakurai, Kouichi; Seneviratne, Aruna; Jha, Sanjay.

In: Concurrency Computation, 01.01.2018.

Research output: Contribution to journalArticle

Jahan, Mosarrat ; Seneviratne, Suranga ; Roy, Partha Sarathi ; Sakurai, Kouichi ; Seneviratne, Aruna ; Jha, Sanjay. / Light weight and fine-grained access mechanism for secure access to outsourced data*. In: Concurrency Computation. 2018.
@article{1b9401faf3b44611b4cf518be4380b19,
title = "Light weight and fine-grained access mechanism for secure access to outsourced data*",
abstract = "In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.",
author = "Mosarrat Jahan and Suranga Seneviratne and Roy, {Partha Sarathi} and Kouichi Sakurai and Aruna Seneviratne and Sanjay Jha",
year = "2018",
month = "1",
day = "1",
doi = "10.1002/cpe.4736",
language = "English",
journal = "Concurrency Computation Practice and Experience",
issn = "1532-0626",
publisher = "John Wiley and Sons Ltd",

}

TY - JOUR

T1 - Light weight and fine-grained access mechanism for secure access to outsourced data*

AU - Jahan, Mosarrat

AU - Seneviratne, Suranga

AU - Roy, Partha Sarathi

AU - Sakurai, Kouichi

AU - Seneviratne, Aruna

AU - Jha, Sanjay

PY - 2018/1/1

Y1 - 2018/1/1

N2 - In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.

AB - In this paper, we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on encrypted outsourced data. One limitation of CP-ABE is that the users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. We provide a theoretical analysis of the security of the proposed protocol and the experimental results measured from a real-world testbed.

UR - http://www.scopus.com/inward/record.url?scp=85052368223&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85052368223&partnerID=8YFLogxK

U2 - 10.1002/cpe.4736

DO - 10.1002/cpe.4736

M3 - Article

JO - Concurrency Computation Practice and Experience

JF - Concurrency Computation Practice and Experience

SN - 1532-0626

ER -