期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2016
卷号:10
期号:2
页码:217-236
DOI:10.14257/ijsia.2016.10.2.20
出版社:SERSC
摘要:Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic tool to implement access control for secure cloud storage systems. However, most existing access control schemes based on CP-ABE for the multi-authority cloud storage systems rely on a fully trusted global certificate authority. It is just an ideal assumption while there never exists a fully trusted global certificate authority in reality. In this paper, we construct a system with multiple certificate authorities (CA). The parameters of those CAs could be verified when an authority suspects the messages received from the correlative certificate authority. Besides, we construct a verifiable secret sharing (VSS) scheme to realize the decentralization of the certificate authority in our scheme. The scheme adopts the Pedersen commitment in combination with the properties of bilinear-pairs on elliptic curve and bilinear Diffie- Hellman problem. The analysis shows that our scheme is highly efficient, authentic and provably secure under the security model. Our scheme simultaneously supports efficient attribute revocation.
