Efficiently Attribute-Based Access Control for Mobile Cloud Storage System

Similar with other outsourced services, cloud storage faces the serious issue of user data security. To keep data confidential against unauthorized cloud servers and users, Attribute-Based Encryption (ABE) for access control is widely adopted. However, ABE-based access control schemes are being criticized for their high computation overhead, such as in key generation, decryption and revocation. Considering the mobile cloud storage environment where these computation tasks are executed by mobile devices or sensors, this drawback appears more serious. In this paper, we propose an efficient and secure attribute-based access control scheme for mobile cloud storage. Specifically, we construct the first Key-Policy ABE (KP-ABE) scheme with outsourced key generation and decryption, and propose an efficient revocation method for it. Moreover, we prove the proposed scheme is immune to the collusion attack and secure in the standard model. Extensive experiment demonstrates that the efficient key generation, decryption, and revocation are achieved with the help of the cloud servers.