Abstract
By leveraging and modifying ciphertext-policy attribute based encryption (CP-ABE) and OAuth, we propose a new authorization scheme, called fuzzy authorization , to facilitate an application registered with one cloud party to access data residing in another cloud party. The new proposed scheme enables the fuzziness of authorization to enhance the scalability and flexibility of file sharing by taking advantage of the one-to-one correspondence between linear secret-sharing scheme (LSSS) and generalized Reed Solomon (GRS) code. Furthermore, by conducting attribute distance checking and distance adjustment, operations like sending attribute sets and satisfying an access tree are eliminated. In addition, the automatic revocation is realized with update of $TimeSlot$ attribute when data owner modifies the data. The security of the fuzzy authorization is proved under the d-BDHE assumption. In order to measure and estimate the performance of our scheme, we have implemented the protocol flow of fuzzy authorization with OMNET $++$ $4.2.2$ and realized the cryptographic part with pairing-based cryptography (PBC) library. Experimental results show that fuzzy authorization can achieve fuzziness of authorization among heterogeneous clouds with security and efficiency.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
