Cloud Security
Published in Sunilkumar Manvi, Gopal K. Shyam, Cloud Computing, 2021
Sunilkumar Manvi, Gopal K. Shyam
Attribute-based encryption (ABE): It is a type of public-key encryption in which the secret key of a user and the ciphertext are dependent upon attributes (e.g. the country in which he lives, or the kind of subscription he has). In such a system, the decryption of a ciphertext is possible only if the set of attributes of the user key matches the attributes of the ciphertext. It is further categorized as follows: Ciphertext-policy ABE (CP-ABE): In the CP-ABE, the encryptor controls the access strategy. The main idea of CP-ABE is focused on the design of the access structure. Key-policy ABE (KP-ABE): In the KP-ABE, attribute sets are used to describe the encrypted texts and the private keys are associated with a specified policy that users will have.
Cloud Enabled Body Area Network
Published in Sanjay Kumar Biswash, Sourav Kanti Addya, Cloud Network Management, 2020
Anupam Pattanayak, Subhasish Dhal
In Cloud-enabled BAN, it is natural that only certain users can access vital PHI data. The traditional public key cryptography severely limits the users who can access the content. In attribute-based encryption (ABE), a user can encrypt data for a set of receivers who satisfy certain conditions. Here, a ciphertext and a private key are associated with a set of attributes. The key is allowed to decrypt the ciphertext if and only if these sets overlap beyond a certain threshold [294]. There are variations in this basic ABE scheme that support finer-grained access control. In one such scheme, a set of attributes is attached with the ciphertext, whereas an access structure is associated with a private key. This association is specified by a Boolean function. Decryption is possible only when the set satisfies this Boolean function. Since the key specifies the access structure, this scheme is called key-policy ABE (KP-ABE). Its complementary scheme is ciphertext-policy ABE (CP-ABE). In CP-ABE, the ciphertext specifies an access structure whereas a key is associated with a set of attributes.
Privacy-Preserving Attribute-Based Encryption
Published in Dijiang Huang, Qiuxiang Dong, Yan Zhu, Attribute-Based Encryption and Access Control, 2020
Dijiang Huang, Qiuxiang Dong, Yan Zhu
Attribute-Based Encryption (ABE) was first proposed as a fuzzy version of IBE in [186], where an identity is viewed as a set of descriptive attributes. The private key for an identity w can decrypt the message encrypted by the identity w′ if and only if w and w′ are closer to each other than a pre-defined threshold in terms of set overlap distance metric. In the paper [173], the authors further generalize the threshold-based set overlap distance metric to expressive access policies with AND and OR gates. There are two main variants of ABE proposed so far, namely Key Policy Attribute-Based Encryption (KP-ABE [95]) and Ciphertext Policy Attribute-Based Encryption (CP-ABE [25]). In KP-ABE, each ciphertext is associated with a set of attributes and each user’s private key is embedded with an access policy. Decryption is enabled only if the attributes on the ciphertext satisfy the access policy of the user’s private key. In CP-ABE [25, 56, 127, 168, 94, 184, 240], each user’s private key is associated with a set of attributes, and each ciphertext is encrypted by an access policy. To decrypt the message, the attributes in the user private key need to satisfy the access policy. The key difference between identity and attribute is that identities are many-to-one mapped to users while attributes are many-to-many mapped to users. Thus, to simulate a constant size conjunctive header, one needs to encrypt the message using each receiver’s identity and the size of ciphertext is linearly increasing.
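The excerpts above describe three access rules: threshold overlap (fuzzy IBE), a policy in the key (KP-ABE), and a policy in the ciphertext (CP-ABE). The following is an added example, not code from any of the cited works; it models only the access decision with threshold gates, not the underlying cryptography, and every attribute name and function name in it is a constructed assumption.

```python
# Added illustration: models only the ABE access decision, not the cryptography.
from dataclasses import dataclass
from typing import Tuple, Union


@dataclass(frozen=True)
class Gate:
    """Threshold gate: satisfied when at least k of its children are."""
    k: int
    children: Tuple["Node", ...]


Node = Union[str, Gate]  # a leaf is an attribute name


def AND(*children):
    return Gate(len(children), children)   # all children required


def OR(*children):
    return Gate(1, children)               # any one child suffices


def satisfies(policy, attrs):
    """True if the attribute set satisfies the access structure."""
    if isinstance(policy, str):
        return policy in attrs
    return sum(satisfies(c, attrs) for c in policy.children) >= policy.k


def fuzzy_ibe_can_decrypt(key_identity, ct_identity, threshold):
    """Fuzzy IBE: identities w and w' must share >= threshold attributes."""
    return len(set(key_identity) & set(ct_identity)) >= threshold


def kp_abe_can_decrypt(key_policy, ct_attrs):
    """KP-ABE: policy is in the private key, attributes label the ciphertext."""
    return satisfies(key_policy, set(ct_attrs))


def cp_abe_can_decrypt(key_attrs, ct_policy):
    """CP-ABE: policy is in the ciphertext, attributes are in the private key."""
    return satisfies(ct_policy, set(key_attrs))


# Constructed sample data (hypothetical attribute names).
CT_POLICY = AND("cardiology", OR("doctor", "nurse"))          # set by encryptor
KEY_POLICY = AND("PHI", Gate(2, ("ecg", "2020", "ward-3")))   # set at key issue
print(cp_abe_can_decrypt({"doctor", "cardiology"}, CT_POLICY))
print(cp_abe_can_decrypt({"nurse", "oncology"}, CT_POLICY))
print(kp_abe_can_decrypt(KEY_POLICY, {"PHI", "ecg", "2020"}))
print(fuzzy_ibe_can_decrypt({"a", "b", "c", "d"}, {"a", "b", "c", "x"}, 3))
```

A real ABE scheme additionally ties the attributes in a key to one user so that two users cannot pool attributes to satisfy a policy; this model evaluates one key at a time and does not represent that property.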
Translating Privacy Design Principles Into Human-Centered Software Lifecycle: A Literature Review
Published in International Journal of Human–Computer Interaction, 2023
Marco Saltarella, Giuseppe Desolda, Rosa Lanzilotti, Vita Santa Barletta
The hide strategy asks for the confidentiality of data, meaning that data should be protected and not disclosed to any unauthorized party. Confidentiality is, of course, guaranteed by implementing encryption mechanisms, which is always recommended both for storage and transfer (Mougiakou & Virvou, 2017) (one should also consider the possibility to put the user in control, by exploiting client-side encryption (Mannhardt et al., 2018)). Indeed, it is always recommended to run application layer protocols over Transport Layer Security (TLS) (C. Li & Palanisamy, 2019). Attribute-Based Encryption (ABE) (Coroller et al., 2018), an asymmetric encryption technique that allows encrypting data according to attributes that describe the user, is suggested as a method to easily provide both confidentiality and access control in a scalable way without the need for complex security infrastructures. With ABE, only users with specific attributes can decrypt the encrypted information.
Spider Web-based Dynamic Key for Secured Transmission and Data-Aware Blockchain Encryption for the Internet of Things
Published in IETE Journal of Research, 2023
A. Mohamed Anwar, S. Pavalarajan
Li et al. [25] presented a multi-layer secure IoT using blockchain which splits the network into a multilevel decentralized network and blockchain encryption is applied at each level. In Ref. [26], a blockchain-based model is presented and the model is altered for making it suitable for IoT devices. The performance of this scheme depends on the distributed nature of the blockchain and its security features. In work [27], a data-gathering system for WSN is presented using the blockchain method. This work does not consider data integrity, data security, and data reliability in data transmission. However, encryption schemes are not employed. In blockchain-based methods, the data integrity feature is achieved to a better extent. Nevertheless, data security or privacy is not provided. The content stored in the chain can be accessed by any user present in the network. Therefore, a blockchain-based data preserving should be used along with encryption techniques to achieve data security and privacy. Dorri et al. [28] presented the lightweight blockchain-based scheme for IoT. This work reduces data overhead compared to the conventional method. In Ref. [29], a privacy-preserving scheme using a blockchain scheme is presented for IoT-based WSN. Data security is achieved by using the attribute-based encryption (ABE) method. ABE is a simple encryption method that can be used for security and access control. Kumar et al. [3] presented a trust-aware localized routing scheme and a dynamic encryption scheme for WSN.
An efficient attribute-based encryption scheme based on SM9 encryption algorithm for dispatching and control cloud
Published in Connection Science, 2021
Honghan Ji, Hongjie Zhang, Lisong Shao, Debiao He, Min Luo
Therefore, secure unified identity authentication, access control and authorisation management are significant topics in DCC. To find out a solution for the topics above, an effective and secure approach is to encrypt the data before storing into DCC so that only those who are authorised can access them. In detail, the control centre in SGCC distributes work tickets to workers who would operate in DCC as a registration phase. The work ticket contains the worker's unique identity information and attribute information. As Figure 2 shows, a work ticket associates a user's identity with his/her role, where the identity information is used for access control for non-core data and the attribute information is used for access control for core data. In our work, we mainly focus on the access control using attribute-based encryption (ABE).