Because of the huge volume of big data, the cloud is a better choice for storing it. Since the cloud is not trustworthy, privacy and access control are a big concern. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising technique for enabling both privacy and access control in the cloud. However, directly applying a CP-ABE scheme to big data in the cloud is a challenging task because of revocation. Existing CP-ABE schemes with revocation lack efficiency. In this paper, we propose an efficient revocable CP-ABE (R-CP-ABE) scheme for big data access control in the cloud using proxy-based updates, in which the proxy server performs the ciphertext and secret key updates during revocation instead of the data owner and data user, respectively. These outsourced updates during revocation reduce the communication and computation overhead of the data owner and data users. In the security analysis, we prove that our R-CP-ABE scheme is secure against chosen-plaintext and user collusion attacks. In addition, we show that our scheme achieves forward and backward secrecy. The performance analysis demonstrates that our method is efficient compared with existing schemes.