摘要:The existing digital rights management (DRM) schemes in cloud computing introduce a heavy computation overhead on the content provider for key distribution. In this paper, we propose an attribute-based DRM scheme in cloud computing by combining the techniques of ciphertext-policy attribute-based encryption (CP-ABE) and proxy re-encryption (PRE). We first divide the content encryption key into two parts, content master key and assistant key. Then we enforce access policies based on attributes to distribute the content master key securely. Thus the users who satisfy the access policy can recover the content master key, and then obtain assistant key from the key server and decrypt the content. Furthermore, we achieve efficient attribute and user revocation by allowing the attribute authority to delegate the key server to refuse to issue the assistant key for the revoked users. The security and performance analyses indicate that the proposed scheme is secure, efficient, and privacy-preserving.
关键词:digital rights management;attribute-based encryption;proxy re-encryption;fine-grained access control;cloud computing
