RRMAC: A Multi-data Owner Access Control Scheme with Robust Revocation for Co-owned Data Sharing
Due to the rising requirement for data sharing, multi-data owner access control schemes have emerged, where a single data file is jointly owned by multiple data owners. Since the shared files contain information from multiple data owners, it is crucial to revoke malicious users to minimize harm when...
Published in: | IEEE transactions on information forensics and security, 2024-12, p.1-1 |
---|---|
Main authors: | Li, Bei; Zhong, Hong; Cui, Jie; Gu, Chengjie; He, Debiao |
Format: | Article |
Language: | eng |
container_end_page | 1 |
---|---|
container_issue | |
container_start_page | 1 |
container_title | IEEE transactions on information forensics and security |
container_volume | |
creator | Li, Bei; Zhong, Hong; Cui, Jie; Gu, Chengjie; He, Debiao |
description | Due to the rising requirement for data sharing, multi-data owner access control schemes have emerged, where a single data file is jointly owned by multiple data owners. Since the shared files contain information from multiple data owners, it is crucial to revoke malicious users to minimize harm when data leakage occurs. However, current multi-data owner solutions typically rely on a single data owner to encrypt and share data and fail to provide robust user revocation. When revocation is managed by a single entity, it may fail to protect the rights of all data owners and can introduce a single point of failure in multi-data owner settings. On the other hand, if revocation requires the participation of all data owners, user access may fail if some owners are offline or compromised. To address these issues, we propose a robust multi-data owner access control scheme with efficient user revocation. We construct a secret resharing protocol based on secret sharing technology and propose a multi-data owner access control scheme. Only users who obtain a sufficient number of private keys can decrypt the ciphertext. To achieve multi-owner controlled revocation, we use key splitting to divide the user's private key into an authorization key and an update key and embed a period into the update keys. During user revocation, the cloud updates the ciphertext and the data user can decrypt the ciphertext without obtaining the update keys of all data owners. The thorough performance analysis shows that the overhead of the proposed scheme is acceptable. Specifically, the proposed scheme takes approximately 0.5 seconds to encrypt, and with preprocessing, this time is reduced to 0.06 seconds, while decryption requires around 0.15 seconds on the Raspberry Pi. |
doi_str_mv | 10.1109/TIFS.2024.3515853 |
format | Article |
fulltext | fulltext_linktorsrc |
identifier | ISSN: 1556-6013 |
ispartof | IEEE transactions on information forensics and security, 2024-12, p.1-1 |
issn | 1556-6013 |
language | eng |
recordid | cdi_ieee_primary_10793083 |
source | IEEE Electronic Library (IEL) |
subjects | access control; attribute-based encryption; Authorization; Collaboration; Computational modeling; Data privacy; Encryption; Information sharing; Multi-data owner; Polynomials; Privacy; robust user revocation; Servers; Social networking (online) |
title | RRMAC: A Multi-data Owner Access Control Scheme with Robust Revocation for Co-owned Data Sharing |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-29T13%3A04%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=RRMAC:%20A%20Multi-data%20Owner%20Access%20Control%20Scheme%20with%20Robust%20Revocation%20for%20Co-owned%20Data%20Sharing&rft.jtitle=IEEE%20transactions%20on%20information%20forensics%20and%20security&rft.au=Li,%20Bei&rft.date=2024-12-10&rft.spage=1&rft.epage=1&rft.pages=1-1&rft.issn=1556-6013&rft.coden=ITIFA6&rft_id=info:doi/10.1109/TIFS.2024.3515853&rft_dat=%3Cieee_RIE%3E10793083%3C/ieee_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10793083&rfr_iscdi=true |