Ciphertext-Policy Attribute-Based Encryption

9 years 1 months ago
Ciphertext-Policy Attribute-Based Encryption
In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call Ciphertext-Policy Attribute-Based Encryption. By using our techniques encrypted data can be kept confidential even if the storage server is untrusted; moreover, our methods are secure against collusion attacks. Previous Attribute-Based Encryption systems used attributes to describe the encrypted data and built policies into user’s keys; while in our system attributes are used to describe a user’s credentials, and a party encrypting data determines a policy for who can decrypt. Thus, our methods are conceptu...
John Bethencourt, Amit Sahai, Brent Waters
Added 04 Jun 2010
Updated 04 Jun 2010
Type Conference
Year 2007
Where SP
Authors John Bethencourt, Amit Sahai, Brent Waters
Comments (0)