How to use attribute-based encryption to implement role-based access control in the cloud

Yan Zhu, Di Ma, Chang Jun Hu, Dijiang Huang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Scopus citations

Abstract

This paper addresses how to construct a RBAC-compatible attribute-based encryption (ABE) for secure cloud storage, which provides a user-friendly and easy-to-manage security mechanism without user intervention. Similar to role hierarchy in RBAC, attribute lattice introduced into ABE is used to define a seniority relation among all values of an attribute, whereby a user holding the senior attribute values acquires permissions of their juniors. Based on these notations, we present a new ABE scheme called Attribute-Based Encryption with Attribute Lattice (ABE-AL) that provides an efficient approach to implement comparison operations between attribute values on a poset derived from attribute lattice. By using bilinear groups of composite order, we propose a practical construction of ABE-AL based on forward and backward derivation functions. Compared with prior solutions, our scheme offers a compact policy representation solution, which can significantly reduce the size of privatekeys and ciphertexts. Furthermore, our solution provides a richer expressive power of access policies to facilitate flexible access control for ABE scheme.

Original languageEnglish (US)
Title of host publicationCloud Computing 2013 - Proceedings of the 2013 International Workshop on Security in Cloud Computing
Pages33-40
Number of pages8
DOIs
StatePublished - Jun 7 2013
Event2013 1st International Workshop on Security in Cloud Computing, Cloud Computing 2013 - Hangzhou, China
Duration: May 8 2013May 8 2013

Publication series

NameCloud Computing 2013 - Proceedings of the 2013 International Workshop on Security in Cloud Computing

Conference

Conference2013 1st International Workshop on Security in Cloud Computing, Cloud Computing 2013
CountryChina
CityHangzhou
Period5/8/135/8/13

    Fingerprint

Keywords

  • attribute lattice
  • attribute-based encryption
  • cloud security
  • partial order
  • rbac model

ASJC Scopus subject areas

  • Software

Cite this

Zhu, Y., Ma, D., Hu, C. J., & Huang, D. (2013). How to use attribute-based encryption to implement role-based access control in the cloud. In Cloud Computing 2013 - Proceedings of the 2013 International Workshop on Security in Cloud Computing (pp. 33-40). (Cloud Computing 2013 - Proceedings of the 2013 International Workshop on Security in Cloud Computing). https://doi.org/10.1145/2484402.2484411