References of "Abstract book of 2016 IEEE 8th International Conference on Cloud Computing Technology and Science (CloudCom)"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailOn the Insecurity of a Method for Providing Secure and Private Fine-Grained Access to Outsourced Data
Rial, Alfredo UL

in Abstract book of 2016 IEEE 8th International Conference on Cloud Computing Technology and Science (CloudCom) (2016, December)

The protection of sensitive data stored in the cloud is paramount. Among the techniques proposed to provide protection, attribute-based access control, which frequently uses ciphertext-policy attribute ... [more ▼]

The protection of sensitive data stored in the cloud is paramount. Among the techniques proposed to provide protection, attribute-based access control, which frequently uses ciphertext-policy attribute-based encryption (CPABE), has received a lot of attention in the last years. Recently, Jahan et al.~(IEEE 40th Conference on Local Computer Networks, 2015) propose a scheme based on CPABE where users have reading and writing access to the outsourced data. We analyze the scheme by Jahan et al.\ and we show that it has several security vulnerabilities. For instance, the cloud server can get information about encrypted messages by using a stored ciphertext and an update of that ciphertext. As another example, users with writing access are able to decrypt all the messages regardless of their attributes. We discuss the security claims made by Jahan et al.\ and point out the reasons why they do not hold. We also explain that existing schemes can already provide the advantages claimed by Jahan et al. [less ▲]

Detailed reference viewed: 27 (2 UL)