Data Access Control in Cloud Computing: Flexible and Receiver Extendable

IEEE Transactions on Services Computing


Broadcast encryption provides a promising technique for data access control for specified users in cloud computing. A data uploader can generate a ciphertext for a set of chosen users such that only the intended users are able to learn the data content. However, with the rapid increase in collaboration between users, it is desirable to extend the receiver set to grant the decryption right to more users. Existing broadcast encryption systems cannot handle this scenario. In this paper, we first take this problem into consideration and give a solution. We draw on the merits of identity-based cryptosystems and propose the notion of EIBBE: flexible, receiver-extendable data access control for cloud computing based on broadcast encryption. It allows an authorized receiver to extend the receiver set $S$ stated in the ciphertext by adding a new receiver set $S'$ without re-encryption. Users in both $S$ and $S'$ can obtain the data successfully. The maximum number of extended receivers is determined by the data uploader. We then give a concrete construction of EIBBE and provide a rigorous security analysis of our proposed scheme. Finally, we demonstrate the scheme's efficiency and feasibility.

