Download fulltext HTML
Arfriandi, A., Gernowo, R., & Rizal Isnanto, R. (2024). Secure Information in Cloud Storage Using Hierarchical-authority Attribute-Based Encryption (HABE): A Literature Review. KnE Social Sciences, 9(6), 335–345. https://doi.org/10.18502/kss.v9i6.15283

https://doi.org/10.18502/kss.v9i6.15283

statistics

  • 105 Abstract Views
  • 47 PDF Views
  • 0 HTML Views

authors

  • Arief Arfriandi

    Arief Arfriandi

    Doctoral Program of Information System, School of Postgraduate Studies, Universitas Diponegoro, 50275, Central Java, Indonesia
    https://orcid.org/0000-0002-5244-8208
  • Rahmat Gernowo

    Rahmat Gernowo

    Doctoral Program of Information System, School of Postgraduate Studies, Universitas Diponegoro, 50275, Central Java, Indonesia
  • R Rizal Isnanto

    R Rizal Isnanto

    Doctoral Program of Information System, School of Postgraduate Studies, Universitas Diponegoro, 50275, Central Java, Indonesia

Published Date

  • Mar 12, 2024

Secure Information in Cloud Storage Using Hierarchical-authority Attribute-Based Encryption (HABE): A Literature Review

KnE Social Sciences / 6th International Conference on Education and Social Science Research (6th ICESRE) / Pages 335–345

Abstract

Access control using hierarchical-authority attribute-based encryption (HABE) in securing information in cloud storage is one of the security methods that work to maintain information privacy through the management of access rights to encrypted information, thus preventing unauthorized users and systems from accessing stored information without permission. In this paper, we further explore one scheme that is a part of attribute-based encryption (ABE) for the process of securing data or information stored in cloud storage, namely HABE, which is a development of the ciphertext policy attribute-based encryption. Furthermore, this paper summarizes the advantages and weaknesses of HABE in securing information storage in the cloud and the direction of future research or HABE research trends. The method proposed in this paper is to explore the progress of research that has been done, and to classify access structures consisting of monotomic and non-monotomical, multi-authority schemes. Then it will also define functionality as well as performance on the cost of computing to know the advantages and disadvantages of each HABE when applied to the process of storing data or information in cloud storage. In its development, HABE, compared to Cypher Policy Attribute-Based Encryption (CPABE), has different characteristics. HABE provides full delegation and support for services on a larger scale, whereas CPABE, with its access structure, can define messages with better performance. With these results, it is expected that research related to HABE will be more focused on the development of HABE, as it is more appropriate to support the management of information security on a large scale.


Keywords: information security, CPABE, HABE, cloud storage

References
[1] Derbisz J. Methods of encrypting monotonic access structures. Ann UMCS Inform. 2011 Jan 1;11(2). https://doi.org/10.2478/v10065-011-0011-x.

[2] Ostrovsky R, Sahai A, Waters B. Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM conference on Computer and communications security. Alexandria Virginia USA: ACM; 2007. p. 195–203.

[3] Rimal BP, Choi E, Lumb I. A Taxonomy and Survey of Cloud Computing Systems. In: 2009 Fifth International Joint Conference on INC, IMS and IDC. Seoul, South Korea: IEEE; 2009. p. 44–51. https://doi.org/10.1109/NCM.2009.218.

[4] Takabi H, Joshi JB, Ahn GJ. Security and Privacy Challenges in Cloud Computing Environments. IEEE Secur Priv. 2010 Nov;8(6):24–31.

[5] Wu J, Ping L, Ge X, Wang Y, Fu J. Cloud Storage as the Infrastructure of Cloud Computing. In: 2010 International Conference on Intelligent Computing and Cognitive Informatics. Kuala Lumpur, Malaysia: IEEE; 2010. p. 380–3.

[6] Khan AR. ACCESS CONTROL IN CLOUD COMPUTING ENVIRONMENT. 2012;7(5).

[7] Kamara S, Lauter K. Cryptographic Cloud Storage. In: Sion R, Curtmola R, Dietrich S, Kiayias A, Miret JM, Sako K, et al., editors. Financial Cryptography and Data Security. Berlin, Heidelberg: Springer Berlin Heidelberg; 2010. pp. 136–49.

[8] P PK. P SK, P.J.A. A. Attribute based encryption in cloud computing: A survey, gap analysis, and future directions. J Netw Comput Appl. 2018 Apr;108:37–52.

[9] Chaudhari N, Saini M, Kumar A, Priya G. A Review on Attribute Based Encryption. In: 2016 8th International Conference on Computational Intelligence and Communication Networks (CICN). Tehri, India: IEEE; 2016. p. 380– 5. https://doi.org/10.1109/CICN.2016.81.

[10] Bethencourt J, Sahai A, Waters B. Ciphertext-Policy Attribute-Based Encryption. In: 2007 IEEE Symposium on Security and Privacy (SP ’07). Berkeley, CA: IEEE; 2007 [cited 2023 Aug 22]. p. 321–34.

[11] Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM conference on Computer and communications security. Alexandria Virginia USA: ACM; 2007. p. 456–65.

[12] Goyal V, Jain A, Pandey O, Sahai A. Bounded Ciphertext Policy Attribute Based Encryption. In: Aceto L, Damgård I, Goldberg LA, Halldórsson MM, Ingólfsdóttir A, Walukiewicz I, editors. Automata, Languages and Programming. Berlin, Heidelberg: Springer Berlin Heidelberg; 2008. pp. 579–91.

[13] Liang X, Cao Z, Lin H, Xing D. Provably secure and efficient bounded ciphertext policy attribute based encryption. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security. Sydney Australia: ACM; 2009. p. 343–52.

[14] Waters B. Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. In: Catalano D, Fazio N, Gennaro R, Nicolosi A, editors. Public Key Cryptography – PKC 2011. Berlin, Heidelberg: Springer Berlin Heidelberg; 2011. pp. 53–70.

[15] Li J, Huang Q, Chen X, Chow SS, Wong DS, Xie D. Multi-authority ciphertextpolicy attribute-based encryption with accountability. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security. Hong Kong China: ACM; 2011. p. 386–90.

[16] Li J, Wang Q, Wang C, Ren K. Enhancing Attribute-Based Encryption with Attribute Hierarchy. Mob Netw Appl. 2011 Oct;16(5):553–61.

[17] MULTI-AUTHORITY ACCESS CONTROL SYSTEM IN PUBLIC CLOUD STORAGE. Int J Adv Eng. Res Dev. 2017 Nov;4(11).

[18] Nishide T, Yoneyama K, Ohta K. Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures. In: Bellovin SM, Gennaro R, Keromytis A, Yung M, editors. Applied Cryptography and Network Security. Berlin, Heidelberg: Springer Berlin Heidelberg; 2008. pp. 111–29.

[19] Phuong TV, Yang G, Susilo W. Hidden Ciphertext Policy Attribute-Based Encryption Under Standard Assumptions. IEEE Trans Inf Forensics Security. 2016 Jan;11(1):35–45.

[20] Li J, Ren K, Zhu B, Wan Z. Privacy-Aware Attribute-Based Encryption with User Accountability. In: Samarati P, Yung M, Martinelli F, Ardagna CA, editors. Information Security. Berlin, Heidelberg: Springer Berlin Heidelberg; 2009. pp. 347–62.

[21] Lai J, Deng RH, Li Y. Fully Secure Cipertext-Policy Hiding CP-ABE. In: Bao F, Weng J, editors. Information Security Practice and Experience. Berlin, Heidelberg: Springer Berlin Heidelberg; 2011. pp. 24–39.

[22] Jin C, Feng X, Shen Q. Fully Secure Hidden Ciphertext Policy Attribute-Based Encryption with Short Ciphertext Size. In: Proceedings of the 6th International Conference on Communication and Network Security. Singapore Singapore: ACM; 2016. p. 91–8.

[23] Liang X, Cao Z, Lin H, Shao J. Attribute based proxy re-encryption with delegating capabilities. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security. Sydney Australia: ACM; 2009. p. 276– 86.

[24] Luo S, Hu J, Chen Z. Ciphertext Policy Attribute-Based Proxy Reencryption. https://doi.org/10.1007/978-3-642-17650-0_28.

[25] Seo HJ, Kim HW. Attribute-based Proxy Re-encryption with a Constant Number of Pairing Operations. J Inf Commun Converg Eng. 2012 Mar;10(1):53–60.

[26] Li K. Matrix Access structure Policy used in Attribute-Based Proxy Re-encryption.

[27] Liang K, Au MH, Liu JK, Susilo W, Wong DS, Yang G, et al. A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing. Future Gener Comput Syst. 2015 Nov;52:95–108.

[28] Li J, Wang Q, Wang C, Ren K. Enhancing Attribute-Based Encryption with Attribute Hierarchy. https://doi.org/10.1109/CHINACOM.2009.5339938.

[29] Wang S, Zhou J, Liu JK, Yu J, Chen J, Xie W. An Efficient File Hierarchy Attribute- Based Encryption Scheme in Cloud Computing. IEEE Trans Inf Forensics Security. 2016 Jun;11(6):1265–77.

[30] Wan Z, Liu J, Deng RH. HASBE: A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing. IEEE Trans Inf Forensics Security. 2012 Apr;7(2):743–54.

[31] Deng H, Wu Q, Qin B, Domingo-Ferrer J, Zhang L, Liu J, et al. Ciphertextpolicy hierarchical attribute-based encryption with short ciphertexts. Inf Sci. 2014 Aug;275:370–84.

[32] Xiao M, Wang M, Liu X, Sun J. Efficient distributed access control for big data in clouds. In: 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). Hong Kong, Hong Kong: IEEE; 2015. p. 202–7.