Attribute-based solution with time restriction delegate for flexible and scalable access control in cloud storage

Abstract

The development of cloud computing has brought a lot of advantages, such as reducing the hardware cost and a more convenient storage solution. Because of the convenient and cheap storage solution, a large number of users put their valuable data onto the cloud. There have been more and more outsourcing data security and privacy issues. Several schemes using attribute-based encryption (ABE) have been proposed in cloud computing outsourcing data access control, However, most of them have stubborn in complex access control policy. To implement scalable, flexible and fine-grained access control in cloud storage, this paper proposes an attribute-based solution with time restriction delegate by extending the Ciphertext-policy attribute-based encryption (CP-ABE). This scheme not only realizes the scalability and fine-grained access control, but also gives a solution for the data delegate. Our delegate mechanism can let the users entrusted the data which in their visit range to others, and the ability to set a time limit. Finally, we prove the security of our scheme based on the security of the Ciphertext-policy attribute-based encryption (CP-ABE) by Bethencourt et al. and analyze its performance and computational complexity. Experiments for our scheme are implemented and the result shows that it is both efficient and flexible in dealing with access control for outsourced data in cloud computing.