Document Type: Original Article
Faculty of Computer Engineering, University of Isfahan, Isfahan, Iran
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a novel authentication mechanism and a new revocation approach. To wide-spread adoptions of ABE for a resource-constrained device, a very light-weight authentication mechanism is required to authentication ciphertext before starting cost expensive ABE techniques to thwart Denial-of-Service (DoS) attacks which are used to power depletion and network downing purposes by attackers. We introduce and address the problem to more robustness of whole networks when DoS attacks are present. Moreover, we propose an efficient revocation mechanism which is a very important challenge in the context. Finally with a discussion on different aspects of the proposal and extensive experimental results we show its profitability.