Access control scheme with tracing for outsourced databases
Xiaoming WANG, Guoxiang YAO
To manage dynamic access control and deter pirate attacks on outsourced databases, a dynamic access control scheme with tracing is proposed. In our scheme, we introduce the traitor tracing idea into outsourced databases, and employ a polynomial function and filter function as the basic means of constructing encryption and decryption procedures to reduce computation, communication, and storage overheads. Compared to previous access control schemes for outsourced databases, our scheme can not only protect sensitive data from leaking and perform scalable encryption at the server side without shipping the outsourced data back to the data owner when group membership is changed, but also provide trace-and-revoke features. When malicious users clone and sell their decryption keys for profit, our scheme can trace the decryption keys to the malicious users and revoke them. Furthermore, our scheme avoids massive message exchanges for establishing the decryption key between the data owner and the user. Compared to previously proposed public-key traitor tracing schemes, our scheme can simultaneously achieve full collusion resistance, full recoverability, full revocation, and black-box traceability. The proof of security and analysis of performance show that our scheme is secure and efficient.
outsourced databases / access control / malicious user tracing / adding and revoking users