Server-Aided Fine-Grained Access Control Mechanism with Robust Revocation in Cloud Computing

As an innovative technique for cloud storage services, attribute based encryption (ABE) enables fine-grained access control over encrypted data in many cloud computing applications. However, there exist two main drawbacks that restrict the development of ABE. One is that most of the existing user revocation mechanisms cannot achieve high efficiency, immediacy and robustness simultaneously. Another is that the decryption of ABE contains expensive pairing operations which often grow with the complexity of access policy. In this work, we propose a practical server-aided revocable fine-grained access control mechanism with the help of cloud's storage, computing and management capabilities, which not only achieves efficient fine-grained attribute based access control, but also actualizes immediate and robust user revocation. Moreover, most of the complicated operations in decryption are outsourced to the public cloud server, leaving one exponentiation for the users. At last, we implement our proposed mechanism with \mathsf{Charm} Charm framework. The benchmark results demonstrate the high efficiency and practicality of our proposed mechanism.