TY - GEN
T1 - SM9-based Traceable and Accountable Access Control for Secure Multi-user Cloud Storage
AU - Ren, Ke
AU - Jiang, Peng
AU - Gai, Keke
AU - Zhu, Liehuang
AU - Huang, Jingjing
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021
Y1 - 2021
N2 - Access control, one of the flagship security mechanisms for cloud storage, grants access rights to authorized users while repelling unauthorized behaviors. State-of-the-art cryptographic access control systems are deployed on attribute-based encryption or identity-based encryption. They commonly inherit the key escrow problem, which makes pirates untraceable. Meanwhile, with the announcement of cryptographic industry standards, cryptographic algorithms that conform to these standards have better industrial applications. In this paper, we design SM9-based Traceable and Accountable Access Control (TA2C) to support pirate traceability and accountability. Built on top of identity-based broadcast encryption and the SM9 specification, we present an SM9-based TA2C construction, which is provably secure in the indistinguishability and traceability security models. We also implement an SM9-based TA2C prototype system that supports 100 users, and evaluation results show that it needs only about 1 second for encryption/decryption and tracing operations on a workstation with a basic configuration.
AB - Access control, one of the flagship security mechanisms for cloud storage, grants access rights to authorized users while repelling unauthorized behaviors. State-of-the-art cryptographic access control systems are deployed on attribute-based encryption or identity-based encryption. They commonly inherit the key escrow problem, which makes pirates untraceable. Meanwhile, with the announcement of cryptographic industry standards, cryptographic algorithms that conform to these standards have better industrial applications. In this paper, we design SM9-based Traceable and Accountable Access Control (TA2C) to support pirate traceability and accountability. Built on top of identity-based broadcast encryption and the SM9 specification, we present an SM9-based TA2C construction, which is provably secure in the indistinguishability and traceability security models. We also implement an SM9-based TA2C prototype system that supports 100 users, and evaluation results show that it needs only about 1 second for encryption/decryption and tracing operations on a workstation with a basic configuration.
KW - Access Control
KW - Accountability
KW - Cloud Storage
KW - Identity-based Broadcast Encryption
KW - SM9
UR - http://www.scopus.com/inward/record.url?scp=85124015194&partnerID=8YFLogxK
U2 - 10.1109/SmartCloud52277.2021.00010
DO - 10.1109/SmartCloud52277.2021.00010
M3 - Conference contribution
AN - SCOPUS:85124015194
T3 - Proceedings - 2021 IEEE 6th International Conference on Smart Cloud, SmartCloud 2021
SP - 13
EP - 18
BT - Proceedings - 2021 IEEE 6th International Conference on Smart Cloud, SmartCloud 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th IEEE International Conference on Smart Cloud, SmartCloud 2021
Y2 - 6 November 2021 through 8 November 2021
ER -