Blockchain Data Privacy Access Control Based on Searchable Attribute Encryption

Data privacy is important to the security of our society,and enabling authorized users to query this data efficiently is facing more challenge.Recently,blockchain has gained extensive attention with its prominent characteristics as public,distributed,decentration and chronological characteristics.However,the transaction information on the blockchain is open to all nodes,the transaction information update operation is even more transparent.And the leakage of transaction information will cause huge losses to the transaction party.In response to these problems,this paper combines hierarchical attribute encryption with linear secret sharing,and proposes a blockchain data privacy protection control scheme based on searchable attribute encryption,which solves the privacy exposure problem in traditional blockchain transactions.The user’s access control is implemented by the verification nodes,which avoids the security risks of submitting private keys and access structures to the blockchain network.Associating the private key component with the random identity of the user node in the blockchain can solve the collusion problem.In addition,authorized users can quickly search and supervise transaction information through searchable encryption.The improved algorithm ensures the security of keywords.Finally,based on the DBDH hypothesis,the security of the scheme is proved in the random prediction model.

A Blockchain-Based Proxy Re-Encryption Scheme with Conditional Privacy Protection and Auditability

With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.

An Attribute-Based Access Control with Efficient and Secure Attribute Revocation for Cloud Data Sharing Service

Nowadays, there is the tendency to outsource data to cloud storage servers for data sharing purposes. In fact, this makes access control for the outsourced data a challenging issue. Ciphertext-policy attribute-based encryption（CP-ABE） is a promising cryptographic solution for this challenge. It gives the data owner（DO） direct control on access policy and enforces the access policy cryptographically. However,the practical application of CP-ABE in the data sharing service also has its own inherent challenge with regard to attribute revocation. To address this challenge, we proposed an attribute-revocable CP-ABE scheme by taking advantages of the over-encryption mechanism and CP-ABE scheme and by considering the semitrusted cloud service provider（CSP） that participates in decryption processes to issue decryption tokens for authorized users. We further presented the security and performance analysis in order to assess the effectiveness of the scheme. As compared with the existing attributerevocable CP-ABE schemes, our attribute-revocable scheme is reasonably efficient and more secure to enable attribute-based access control over the outsourced data in the cloud data sharing service.

Fog-Based Secure Framework for Personal Health Records Systems

The rapid development of personal health records(PHR)systems enables an individual to collect,create,store and share his PHR to authorized entities.Health care systems within the smart city environment require a patient to share his PRH data with a multitude of institutions’repositories located in the cloud.The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency,scalability and bandwidth.Fog computing relieves the load of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers.Assuming a massive demand of PHR data within a ubiquitous smart city,we propose a secure and fog assisted framework for PHR systems to address security,access control and privacy concerns.Built under a fog-based architecture,the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption(CP-ABE)to guarantee confidentiality and fine-grained access control within the system respectively.We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy.We provide the analysis of the proposed framework in terms of security and performance.