Fine-grained access control of files stored in cloud storage with traceable and revocable multi-authority CP-ABE scheme

Cloud computing is gaining increasing popularity among enterprises, universities, government departments, and end-users. Geographically distributed users can collaborate by sharing files through the cloud. Ciphertext-Policy attribute-based (CP-ABE) access control provides an efficient technique to enforce fine-grained access control by the data owner. Single authority CP-ABE schemes create a bottleneck for enterprise applications. Multi authority CP-ABE systems deal with multiple attribute authorities performing the attribute registration or key distribution. Type I pairing is used in designing the existing multi-authority systems. They are vulnerable to some reported known attacks on them. This paper proposes a multi-authority CP-ABE scheme that supports attribute and policy revocation. Type III pairing is used in designing the scheme, which has higher security, faster group operations, and requires less memory to store the elements. The proposed scheme has been implemented using the Charm framework, which uses the PBC library. The OpenStack cloud platform is used for computing and storage services. It has been proved that the proposed scheme is collusion resistant, traceable, and revocable. AVISPA tool has been used to verify that the proposed scheme is secure against a replay attack and man-in-the-middle attack.