• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Fine-Grained and Traceable Key Delegation for Ciphertext-Policy Attribute-Based Encryption

Vol. 15, No. 9, September 30, 2021
10.3837/tiis.2021.09.011, Download Paper (Free):

Abstract

Permission delegation is an important research issue in access control. It allows a user to delegate some of his permissions to others to reduce his workload, or enables others to complete some tasks on his behalf when he is unavailable to do so. As an ideal solution for controlling read access on outsourced data objects on the cloud, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) has attracted much attention. Some existing CP-ABE schemes handle the read permission delegation through the delegation of the user's private key to others. Still, these schemes lack the further consideration of granularity and traceability of the permission delegation. To this end, this article proposes a flexible and fine-grained CP-ABE key delegation approach that supports white-box traceability. In this approach, the key delegator first examines the relations between the data objects, read permission thereof that he intends to delegate, and the attributes associated with the access policies of these data objects. Then he chooses a minimal attribute set from his attributes according to the principle of least privilege. He constructs the delegation key with the minimal attribute set. Thus, we can achieve the shortest delegation key and minimize the time of key delegation under the premise of guaranteeing the delegator’s access control requirement. The Key Generation Center (KGC) then embeds the delegatee's identity into the key to trace the route of the delegation key. Our approach prevents the delegatee from combining his existing key with the new delegation key to access unauthorized data objects. Theoretical analysis and test results show that our approach helps the KGC transfer some of its burdensome key generation tasks to regular users (delegators) to accommodate more users.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
J. Du and N. HelIl, "Fine-Grained and Traceable Key Delegation for Ciphertext-Policy Attribute-Based Encryption," KSII Transactions on Internet and Information Systems, vol. 15, no. 9, pp. 3274-3297, 2021. DOI: 10.3837/tiis.2021.09.011.

[ACM Style]
Jiajie Du and Nurmamat HelIl. 2021. Fine-Grained and Traceable Key Delegation for Ciphertext-Policy Attribute-Based Encryption. KSII Transactions on Internet and Information Systems, 15, 9, (2021), 3274-3297. DOI: 10.3837/tiis.2021.09.011.

[BibTeX Style]
@article{tiis:24934, title="Fine-Grained and Traceable Key Delegation for Ciphertext-Policy Attribute-Based Encryption", author="Jiajie Du and Nurmamat HelIl and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2021.09.011}, volume={15}, number={9}, year="2021", month={September}, pages={3274-3297}}