Deakin University
Browse

File(s) under permanent embargo

Achieving simple, secure and efficient hierarchical access control in cloud computing

journal contribution
posted on 2016-07-01, 00:00 authored by S Tang, X Li, X Huang, Yang Xiang, L Xu
Access control is an indispensable security component of cloud computing, and hierarchical access control is of particular interest since in practice one is entitled to different access privileges. This paper presents a hierarchical key assignment scheme based on linear-geometry as the solution of flexible and fine-grained hierarchical access control in cloud computing. In our scheme, the encryption key of each class in the hierarchy is associated with a private vector and a public vector, and the inner product of the private vector of an ancestor class and the public vector of its descendant class can be used to derive the encryption key of that descendant class. The proposed scheme belongs to direct access schemes on hierarchical access control, namely each class at a higher level in the hierarchy can directly derive the encryption key of its descendant class without the need of iterative computation. In addition to this basic hierarchical key derivation, we also give a dynamic key management mechanism to efficiently address potential changes in the hierarchy. Our scheme only needs light computations over finite field and provides strong key indistinguishability under the assumption of pseudorandom functions. Furthermore, the simulation shows that our scheme has an optimized trade-off between computation consumption and storage space.

History

Journal

IEEE transactions on computers

Volume

65

Issue

7

Pagination

2325 - 2331

Publisher

IEEE

Location

Piscataway, N.J.

ISSN

0018-9340

eISSN

1557-9956

Language

eng

Publication classification

C Journal article; C1 Refereed article in a scholarly journal

Copyright notice

2015, IEEE