Data Sharing on Untrusted Storage with Attribute-Based Encryption

Yu, Shucheng

13 July 2010

"Storing data on untrusted storage makes secure data sharing a challenge issue. On one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. Cryptographic methods are usually applied to address this issue -- only encrypted data are stored on storage servers while retaining secret key(s) to the data owner herself; user access is granted by issuing the corresponding data decryption keys. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key/user management, user accountability and etc. To address these challenge issues, this dissertation studies and enhances a novel public-key cryptography -- attribute-based encryption (ABE), and applies it for fine-grained data access control on untrusted storage. The first part of this dissertation discusses the necessity of applying ABE to secure data sharing on untrusted storage and addresses several security issues for ABE. More specifically, we propose three enhancement schemes for ABE: In the first enhancement scheme, we focus on how to revoke users in ABE with the help of untrusted servers. In this work, we enable the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. In the second enhancement scheme, we address key abuse attacks in ABE, in which authorized but malicious users abuse their access privileges by sharing their decryption keys with unauthorized users. Our proposed scheme makes it possible for the data owner to efficiently disclose the original key owner's identity merely by checking the input and output of a suspicious user's decryption device. Our third enhancement schemes study the issue of privacy preservation in ABE. Specifically, our proposed schemes hide the data owner's access policy not only to the untrusted servers but also to all the users. The second part presents our ABE-based secure data sharing solutions for two specific applications -- Cloud Computing and Wireless Sensor Networks (WSNs). In Cloud Computing cloud servers are usually operated by third-party providers, which are almost certain to be outside the trust domain of cloud users. To secure data storage and sharing for cloud users, our proposed scheme lets the data owner (also a cloud user) generate her own ABE keys for data encryption and take the full control on key distribution/revocation. The main challenge in this work is to make the computation load affordable to the data owner and data consumers (both are cloud users). We address this challenge by uniquely combining various computation delegation techniques with ABE and allow both the data owner and data consumers to securely mitigate most computation-intensive tasks to cloud servers which are envisaged to have unlimited resources. In WSNs, wireless sensor nodes are often unattendedly deployed in the field and vulnerable to strong attacks such as memory breach. For securing storage and sharing of data on distributed storage sensor nodes while retaining data confidentiality, sensor nodes encrypt their collected data using ABE public keys and store encrypted data on storage nodes. Authorized users are given corresponding decryption keys to read data. The main challenge in this case is that sensor nodes are extremely resource-constrained and can just afford limited computation/communication load. Taking this into account we divide the lifetime of sensor nodes into phases and distribute the computation tasks into each phase. We also revised the original ABE scheme to make the overhead pertained to user revocation minimal for sensor nodes. Feasibility of the scheme is demonstrated by experiments on real sensor platforms. "

Secure Data Sharing

Access Control

Untrusted Storage

Cloud Computing

Attribute-Based Encryption

Achieving secure and efficient access control of personal health records in a storage cloud

Binbusayyis, Adel

January 2017

A personal health record (PHR) contains health data about a patient, which is maintained by the patient. Patients may share their PHR data with a wide range of users such as healthcare providers and researchers through the use of a third party such as a cloud service provider. To protect the confidentiality of the data and to facilitate access by authorized users, patients use Attribute-Based Encryption (ABE) to encrypt the data before uploading it onto the cloud servers. With ABE, an access policy is defined based on users' attributes such as a doctor in a particular hospital, or a researcher in a particular university, and the encrypted data can only be decrypted if and only if a user's attributes comply with the access policy attached to a data object. Our critical analysis of the related work in the literature shows that existing ABE based access control frameworks used for sharing PHRs in a storage cloud can be enhanced in terms of scalability and security. With regard to scalability, most existing ABE based access control frameworks rely on the use of a single attribute authority to manage all users, making the attribute authority into a potential bottleneck regarding performance and security. With regard to security, the existing ABE based access control frameworks assume that all users have the same level of trust (i.e. they are equally trustworthy) and all PHR data files have the same sensitivity level, which means that the same protection level is provided. However, in our analysis of the problem context, we have observed that this assumption may not always be valid. Some data, such as patients' personal details and certain diseases, is more sensitive than other data, such as anonymised data. Access to more sensitive data should be governed by more stringent access control measures. This thesis presents our work in rectifying the two limitations highlighted above. In doing so, we have made two novel contributions. The first is the design and evaluation of a Hierarchical Attribute-Based Encryption (HABE) framework for sharing PHRs in a storage cloud. The HABE framework can spread the key management overheads imposed on a single attribute authority tasked with the management of all the users into multiple attribute authorities. This is achieved by (1) classifying users into different groups (called domains) such as healthcare, education, etc., (2) making use of multiple attribute authorities in each domain, (3) structuring the multiple attribute authorities in each domain in a hierarchical manner, and (4) allowing each attribute authority to be responsible for managing particular users in a specific domain, e.g. a hospital or a university. The HABE framework has been analyzed and evaluated in term of security and performance. The security analysis demonstrates that the HABE framework is resistant to a host of security attacks including user collusions. The performance has been analyzed in terms of computational and communication overheads and the results show that the HABE framework is more efficient and scalable than the most relevant comparable work. The second novel contribution is the design and evaluation of a Trust-Aware HABE (Trust+HABE) framework, which is an extension of the HABE framework. This framework is also intended for sharing PHRs in a storage cloud. The Trust+HABE framework is designed to enhance security in terms of protecting access to sensitive PHR data while keeping the overhead costs as low as possible. The idea used here is that we classify PHR data into different groups, each with a distinctive sensitivity level. A user requesting data from a particular group (with a given sensitivity level) must demonstrate that his/her trust level is not lower than the data sensitivity level (i.e. trust value vs data sensitivity verification). A user's trust level is derived based on a number of trust-affecting factors, such as his/her behaviour history and the authentication token type used to identify him/herself etc. For accessing data at the highest sensitivity level, users are required to get special permissions from the data owners (i.e. the patients who own the data), in addition to trust value vs data sensitivity verification. In this way, the framework not only adapts its protection level (in imposing access control) in response to the data sensitivity levels, but also provides patients with more fine-grained access control to their PHR data. The Trust+HABE framework is also analysed and evaluated in term of security and performance. The performance results from the Trust+HABE framework are compared against the HABE framework. The comparison shows that the additional computational, communication, and access delay costs introduced as the result of using the trust-aware approach to access control in this context are not significant compared with computational, communication, and access delay costs of the HABE framework.

004

Applying Attribute-Based Encryption in Two-Way Radio Talk Groups: A Feasibility Study

Gough, Michael Andreas

01 May 2018

In two-way radio systems, talk groups are used to organize communication. Some situations may call for creating a temporary talk group, but there are no straightforward ways to do this. Making a new talk group requires programming radios off-line. Temporary groups can be created, but this requires inputting radio IDs which is tedious on a radio's limited controls. By describing group members using attributes, ciphertext-policy attribute-based encryption (CP-ABE) can be used to quickly create sub-groups of a talk group. This scheme requires fewer button presses and messages sent in the new talk group are kept secret. CP-ABE can be used on deployed hardware, but performance varies with the type of embedded processor and the number of attributes used. Because radio communication is time-critical, care must be taken not to introduce too much audio delay. By using benchmark programs on a variety of single-board computers, we explore the limits of using CP-ABE on a two-way radio.

encryption

two-way radio communication

attribute-based encryption

embedded hardware

talk groups

Electrical and Computer Engineering

Secure Schemes for Semi-Trusted Environment

Tassanaviboon, Anuchart

January 2011

In recent years, two distributed system technologies have emerged: Peer-to-Peer (P2P) and cloud computing. For the former, the computers at the edge of networks share their resources, i.e., computing power, data, and network bandwidth, and obtain resources from other peers in the same community. Although this technology enables efficiency, scalability, and availability at low cost of ownership and maintenance, peers defined as ``like each other'' are not wholly controlled by one another or by the same authority. In addition, resources and functionality in P2P systems depend on peer contribution, i.e., storing, computing, routing, etc. These specific aspects raise security concerns and attacks that many researchers try to address. Most solutions proposed by researchers rely on public-key certificates from an external Certificate Authority (CA) or a centralized Public Key Infrastructure (PKI). However, both CA and PKI are contradictory to fully decentralized P2P systems that are self-organizing and infrastructureless. To avoid this contradiction, this thesis concerns the provisioning of public-key certificates in P2P communities, which is a crucial foundation for securing P2P functionalities and applications. We create a framework, named the Self-Organizing and Self-Healing CA group (SOHCG), that can provide certificates without a centralized Trusted Third Party (TTP). In our framework, a CA group is initialized in a Content Addressable Network (CAN) by trusted bootstrap nodes and then grows to a mature state by itself. Based on our group management policies and predefined parameters, the membership in a CA group is dynamic and has a uniform distribution over the P2P community; the size of a CA group is kept to a level that balances performance and acceptable security. The muticast group over an underlying CA group is constructed to reduce communication and computation overhead from collaboration among CA members. To maintain the quality of the CA group, the honest majority of members is maintained by a Byzantine agreement algorithm, and all shares are refreshed gradually and continuously. Our CA framework has been designed to meet all design goals, being self-organizing, self-healing, scalable, resilient, and efficient. A security analysis shows that the framework enables key registration and certificate issue with resistance to external attacks, i.e., node impersonation, man-in-the-middle (MITM), Sybil, and a specific form of DoS, as well as internal attacks, i.e., CA functionality interference and CA group subversion. Cloud computing is the most recent evolution of distributed systems that enable shared resources like P2P systems. Unlike P2P systems, cloud entities are asymmetric in roles like client-server models, i.e., end-users collaborate with Cloud Service Providers (CSPs) through Web interfaces or Web portals. Cloud computing is a combination of technologies, e.g., SOA services, virtualization, grid computing, clustering, P2P overlay networks, management automation, and the Internet, etc. With these technologies, cloud computing can deliver services with specific properties: on-demand self-service, broad network access, resource pooling, rapid elasticity, measured services. However, theses core technologies have their own intrinsic vulnerabilities, so they induce specific attacks to cloud computing. Furthermore, since public clouds are a form of outsourcing, the security of users' resources must rely on CSPs' administration. This situation raises two crucial security concerns for users: locking data into a single CSP and losing control of resources. Providing inter-operations between Application Service Providers (ASPs) and untrusted cloud storage is a countermeasure that can protect users from lock-in with a vendor and losing control of their data. To meet the above challenge, this thesis proposed a new authorization scheme, named OAuth and ABE based authorization (AAuth), that is built on the OAuth standard and leverages Ciphertext-Policy Attribute Based Encryption (CP-ABE) and ElGamal-like masks to construct ABE-based tokens. The ABE-tokens can facilitate a user-centric approach, end-to-end encryption and end-to-end authorization in semi-trusted clouds. With these facilities, owners can take control of their data resting in semi-untrusted clouds and safely use services from unknown ASPs. To this end, our scheme divides the attribute universe into two disjointed sets: confined attributes defined by owners to limit the lifetime and scope of tokens and descriptive attributes defined by authority(s) to certify the characteristic of ASPs. Security analysis shows that AAuth maintains the same security level as the original CP-ABE scheme and protects users from exposing their credentials to ASP, as OAuth does. Moreover, AAuth can resist both external and internal attacks, including untrusted cloud storage. Since most cryptographic functions are delegated from owners to CSPs, AAuth gains computing power from clouds. In our extensive simulation, AAuth's greater overhead was balanced by greater security than OAuth's. Furthermore, our scheme works seamlessly with storage providers by retaining the providers' APIs in the usual way.

Security

Cloud Computing

Access Control

Authorization

OAuth

Attribute Based Encryption

Electrical and Computer Engineering

Attribute-Based Proxy Re-Encryption

Chen, Chun-Hung

30 August 2012

Cloud computing has been developed rapidly in recent years, and offers novel concepts and innovations in computer use. One application of cloud computing is that people can designate a proxy to help them to execute a number of tasks in certain situations instead of undertaking all tasks themselves. With this application, people can benefit from the proxy; however, some information is revealed to the proxy, such as their activities, and private data. That is, the proxy is aware of the actions of people through delegation processes, and proxy re-encryption which is a cryptographic primitive has been proposed to solve this problem. In the proxy re-encryption system, when a user (e.g., Alice) wants to send a ciphertext that is encrypted by her secret key and stored in the cloud to another user (e.g., Bob), she can designate a proxy to transform the ciphertext into a different ciphertext that can be decrypted by Bob¡¦s private key. Based on attribute-based encryption and proxy re-encryption, we propose attribute-based proxy re-encryption with bilinear pairing. Furthermore, in the proposed scheme, third paries cannot decrypt the ciphertext if they do no have matching attributes, regardless of being helped by proxy. Finally, we offer security proofs to demonstrate that the proposed scheme satisfies the essential requirements of attribute-based encryption schemes and proxy re-encryption schemes.

Proxy Re-Encryption

Attribute-based encryption

Bilinear pairing

Cryptographic primitive

Cloud computing

Secure Schemes for Semi-Trusted Environment

Tassanaviboon, Anuchart

January 2011

In recent years, two distributed system technologies have emerged: Peer-to-Peer (P2P) and cloud computing. For the former, the computers at the edge of networks share their resources, i.e., computing power, data, and network bandwidth, and obtain resources from other peers in the same community. Although this technology enables efficiency, scalability, and availability at low cost of ownership and maintenance, peers defined as ``like each other'' are not wholly controlled by one another or by the same authority. In addition, resources and functionality in P2P systems depend on peer contribution, i.e., storing, computing, routing, etc. These specific aspects raise security concerns and attacks that many researchers try to address. Most solutions proposed by researchers rely on public-key certificates from an external Certificate Authority (CA) or a centralized Public Key Infrastructure (PKI). However, both CA and PKI are contradictory to fully decentralized P2P systems that are self-organizing and infrastructureless. To avoid this contradiction, this thesis concerns the provisioning of public-key certificates in P2P communities, which is a crucial foundation for securing P2P functionalities and applications. We create a framework, named the Self-Organizing and Self-Healing CA group (SOHCG), that can provide certificates without a centralized Trusted Third Party (TTP). In our framework, a CA group is initialized in a Content Addressable Network (CAN) by trusted bootstrap nodes and then grows to a mature state by itself. Based on our group management policies and predefined parameters, the membership in a CA group is dynamic and has a uniform distribution over the P2P community; the size of a CA group is kept to a level that balances performance and acceptable security. The muticast group over an underlying CA group is constructed to reduce communication and computation overhead from collaboration among CA members. To maintain the quality of the CA group, the honest majority of members is maintained by a Byzantine agreement algorithm, and all shares are refreshed gradually and continuously. Our CA framework has been designed to meet all design goals, being self-organizing, self-healing, scalable, resilient, and efficient. A security analysis shows that the framework enables key registration and certificate issue with resistance to external attacks, i.e., node impersonation, man-in-the-middle (MITM), Sybil, and a specific form of DoS, as well as internal attacks, i.e., CA functionality interference and CA group subversion. Cloud computing is the most recent evolution of distributed systems that enable shared resources like P2P systems. Unlike P2P systems, cloud entities are asymmetric in roles like client-server models, i.e., end-users collaborate with Cloud Service Providers (CSPs) through Web interfaces or Web portals. Cloud computing is a combination of technologies, e.g., SOA services, virtualization, grid computing, clustering, P2P overlay networks, management automation, and the Internet, etc. With these technologies, cloud computing can deliver services with specific properties: on-demand self-service, broad network access, resource pooling, rapid elasticity, measured services. However, theses core technologies have their own intrinsic vulnerabilities, so they induce specific attacks to cloud computing. Furthermore, since public clouds are a form of outsourcing, the security of users' resources must rely on CSPs' administration. This situation raises two crucial security concerns for users: locking data into a single CSP and losing control of resources. Providing inter-operations between Application Service Providers (ASPs) and untrusted cloud storage is a countermeasure that can protect users from lock-in with a vendor and losing control of their data. To meet the above challenge, this thesis proposed a new authorization scheme, named OAuth and ABE based authorization (AAuth), that is built on the OAuth standard and leverages Ciphertext-Policy Attribute Based Encryption (CP-ABE) and ElGamal-like masks to construct ABE-based tokens. The ABE-tokens can facilitate a user-centric approach, end-to-end encryption and end-to-end authorization in semi-trusted clouds. With these facilities, owners can take control of their data resting in semi-untrusted clouds and safely use services from unknown ASPs. To this end, our scheme divides the attribute universe into two disjointed sets: confined attributes defined by owners to limit the lifetime and scope of tokens and descriptive attributes defined by authority(s) to certify the characteristic of ASPs. Security analysis shows that AAuth maintains the same security level as the original CP-ABE scheme and protects users from exposing their credentials to ASP, as OAuth does. Moreover, AAuth can resist both external and internal attacks, including untrusted cloud storage. Since most cryptographic functions are delegated from owners to CSPs, AAuth gains computing power from clouds. In our extensive simulation, AAuth's greater overhead was balanced by greater security than OAuth's. Furthermore, our scheme works seamlessly with storage providers by retaining the providers' APIs in the usual way.

Security

Cloud Computing

Access Control

Authorization

OAuth

Attribute Based Encryption

Electrical and Computer Engineering

An Ontology-Based Approach to Attribute Management in ABAC Environment

January 2014

abstract: Attribute Based Access Control (ABAC) mechanisms have been attracting a lot of interest from the research community in recent times. This is especially because of the flexibility and extensibility it provides by using attributes assigned to subjects as the basis for access control. ABAC enables an administrator of a server to enforce access policies on the data, services and other such resources fairly easily. It also accommodates new policies and changes to existing policies gracefully, thereby making it a potentially good mechanism for implementing access control in large systems, particularly in today's age of Cloud Computing. However management of the attributes in ABAC environment is an area that has been little touched upon. Having a mechanism to allow multiple ABAC based systems to share data and resources can go a long way in making ABAC scalable. At the same time each system should be able to specify their own attribute sets independently. In the research presented in this document a new mechanism is proposed that would enable users to share resources and data in a cloud environment using ABAC techniques in a distributed manner. The focus is mainly on decentralizing the access policy specifications for the shared data so that each data owner can specify the access policy independent of others. The concept of ontologies and semantic web is introduced in the ABAC paradigm that would help in giving a scalable structure to the attributes and also allow systems having different sets of attributes to communicate and share resources. / Dissertation/Thesis / M.S. Computer Science 2014

Computer science

Attribute Based Access Control

Attribute Based Encryption

Cloud Computing

Ontology

Security

Attribute Based Encryption of Electronic Health Records : Comparative study of existing algorithms

Seethamraju, Arun Tej

January 2017

Cloud Computing today, is an evolving technology which features large Data Storage and ready-to-access from any device. The Healthcare Industry stores large Databases of patient’s records, considering the advantages of Cloud Computing it is looking forward to moving on from the traditional, proprietary Database Management Model into an Open Source Cloud DBMS Model. To complete this transition, it is of primary importance to provide Privacy and Security for Electronic Medical Record / Electronic Health Record. There are several kinds of research being done on how to mitigate these privacy issues using algorithms like Attribute Based Encryption and Identity-Based Encryption. In this study, we compare the performance of these two attribute based encryption methods. This thesis compares the performance of the state-of-the-art Attribute Based Encryption Schemas for Electronic Medical Record / Electronic Health Record Systems. Performance evaluation is conducted in local and cloud environments. A Literature Review has been performed to identify the existing Cloud-based Electronic Health Record Systems which uses the attribute based encryption as a mechanism to mitigate the privacy issues and realization in Cloud. Two algorithms have been selected by performing snowballing from the IEEE Research Articles. Experimentation was performed on the two algorithms in a local machine and on Amazon Web Services Cloud Platform to compare the performance. Verification of performance in each stage of the execution of the algorithms, in both local machine and Cloud environment, was done.

Attribute Based Encryption

Electronic Health Records

Cloud Computing

Privacy

Computer Sciences

Datavetenskap (datalogi)

Attribute-Based Encryption in Systems with Resource Constrained Devices in an Information Centric Networking Context

Borgh, Joakim

January 2016

An extensive analysis of attribute-based encryption (ABE) in systems with resource constrained devices is performed. Two system solutions of how ABE can be performed in such systems are proposed, one where the ABE operations are performed at the resource constrained devices and one where ABE is performed at a powerful server. The system solutions are discussed with three different ABE schemes. Two of the schemes are the traditional key policy ABE (KP-ABE) and ciphertext policy ABE (CP-ABE). The third scheme is using KP-ABE to simulate CP-ABE, in an attempt to benefit from KP-ABE being computationally cheaper than CP-ABE while maintaining the intuitive way of using CP-ABE. ABE is a computationally expensive encryption method which might not be feasible to perform at the resource constrained sensors, depending on the hardware. An implementation of a CP-ABE scheme with a 128 bit security level was written and used to evaluate the feasibility of ABE on a sensor equipped with an ARM Cortex-M3 processor having 32 kB RAM and 256 kB flash. It is possible to perform CP-ABE on the sensor used in this project. The limiting factor of feasibility of ABE on the sensor is the RAM size. In this case policy sizes up to 12 attributes can be performed on the sensor. The results give an idea of the feasibility of encryption with ABE on sensors. In addition to the results several ways of improving performance of ABE on the sensor are discussed.

Attribute-Based Encryption

Internet of Things

Information Centric Networking

Other Computer and Information Science

Annan data- och informationsvetenskap

Uma abordagem escalável para controle de acesso muitos para muitos em redes centradas de informação

Silva, Rafael Hansen da

January 2016

Um dos principais desafios em Redes Centradas em Informação (ICN) é como prover controle de acesso à publicação e recuperação de conteúdos. Apesar das potencialidades, as soluções existentes, geralmente, consideram um único usuário agindo como publicador. Ao lidar com múltiplos publicadores, elas podem levar a uma explosão combinatória de chaves criptográficas. As soluções projetadas visando a múltiplos publicadores, por sua vez, dependem de arquiteturas de redes específicas e/ou de mudanças nessas para operar. Nesta dissertação é proposta uma solução, apoiada em criptografia baseada em atributos, para controle de acesso a conteúdos. Nessa solução, o modelo de segurança é voltado a grupos de compartilhamento seguro, nos quais todos os usuários membros podem publicar e consumir conteúdos. Diferente de trabalhos anteriores, a solução proposta mantém o número de chaves proporcional ao de membros nos grupos e pode ser empregada em qualquer arquitetura ICN de forma gradual. A proposta é avaliada quanto ao custo de operação, à quantidade de chaves necessárias e à eficiência na disseminação de conteúdos. Em comparação às soluções existentes, ela oferece maior flexibilidade no controle de acesso, sem aumentar a complexidade do gerenciamento de chaves e sem causar sobrecustos significativos à rede. / One of the main challenges in Information-Centric Networking (ICN) is providing access control to content publication and retrieval. In spite of the potentialities, existing solutions often consider a single user acting as publisher. When dealing with multiple publishers, they may lead to a combinatorial explosion of cryptographic keys. Those solutions that focus on multiple publishers, on the other hand, rely on specific network architectures and/or changes to operate. In this dissertation, it is proposed a solution, supported by attribute-based encryption, for content access control. In this solution, the security model is focused on secure content distribution groups, in which any member user can publish to and retrieve from. Unlike previous work, the proposed solution keeps the number of cryptographic keys proportional to the number of group members, and may even be adopted gradually in any ICN architecture. The proposed solution is evaluated with respect to the overhead it imposes, number of required keys, and efficiency in the content dissemination. In contrast to existing solutions, it offers higher access control flexibility, without increasing key management process complexity and without causing significant network overhead.

Redes : Computadores

Gerencia : Redes : Computadores

Information-centric networking

Access control

Many-to-many publication and retrival

Attribute-based encryption