DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption

Abstract : Many works in the literature have proposed information security mechanisms relying on Paring Based Cryptography (PBC), for example, Ciphertext Policy Attribute Based Encryption (CP-ABE). However, a public set of software modules that allow integrating that kind of encryption for data security of information systems in an easy and transparent way is still missing. Available APIs like PBC (C-based) or jPBC (Java-based) are focused on low level arithmetic operations and several non trivial issues must still be addressed to integrate a functional PBC/ABE scheme into end-user applications for implementing end-toend encryption. We present a novel and portable Java library (API) to ensure confidentiality and access control of sensitive data accessed only by authorized entities having as credentials a set of attributes. Novel encryption and decryption processes are defined, using the digital envelope technique (DET) under a client-server computing model. The new DET-ABE scheme supports standard security levels (AES encryption) and provides the user with an easy interface for transparent use of next generation cryptography, hiding the complexity associated to PBC (field and group arithmetic, curve selection) and ABE (setup, key management, encryption/decryption details). Running times of main API’s modules at server (ABE setup and key generation) and client (DET-ABE encryption/decryption) side are presented and discussed. From these results, it is concluded that the proposed API is easy to use and viable for providing confidentiality and access control mechanisms over data in end-user applications.
Type de document :
Communication dans un congrès
Raja Naeem Akram; Sushil Jajodia. 9th Workshop on Information Security Theory and Practice (WISTP), Aug 2015, Heraklion, Crete, Greece. Springer, Lecture Notes in Computer Science, LNCS-9311, pp.104-119, 2015, Information Security Theory and Practice. 〈10.1007/978-3-319-24018-3_7〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01442556
Contributeur : Hal Ifip <>
Soumis le : vendredi 20 janvier 2017 - 16:48:09
Dernière modification le : vendredi 20 janvier 2017 - 16:52:44
Document(s) archivé(s) le : vendredi 21 avril 2017 - 16:09:01

Fichier

978-3-319-24018-3_7_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Miguel Morales-Sandoval, Arturo Diaz-Perez. DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption. Raja Naeem Akram; Sushil Jajodia. 9th Workshop on Information Security Theory and Practice (WISTP), Aug 2015, Heraklion, Crete, Greece. Springer, Lecture Notes in Computer Science, LNCS-9311, pp.104-119, 2015, Information Security Theory and Practice. 〈10.1007/978-3-319-24018-3_7〉. 〈hal-01442556〉

Partager

Métriques

Consultations de la notice

127

Téléchargements de fichiers

105