DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption - Information Security Theory and Practice
Conference Papers Year : 2015

DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption

Abstract

Many works in the literature have proposed information security mechanisms relying on Paring Based Cryptography (PBC), for example, Ciphertext Policy Attribute Based Encryption (CP-ABE). However, a public set of software modules that allow integrating that kind of encryption for data security of information systems in an easy and transparent way is still missing. Available APIs like PBC (C-based) or jPBC (Java-based) are focused on low level arithmetic operations and several non trivial issues must still be addressed to integrate a functional PBC/ABE scheme into end-user applications for implementing end-toend encryption. We present a novel and portable Java library (API) to ensure confidentiality and access control of sensitive data accessed only by authorized entities having as credentials a set of attributes. Novel encryption and decryption processes are defined, using the digital envelope technique (DET) under a client-server computing model. The new DET-ABE scheme supports standard security levels (AES encryption) and provides the user with an easy interface for transparent use of next generation cryptography, hiding the complexity associated to PBC (field and group arithmetic, curve selection) and ABE (setup, key management, encryption/decryption details). Running times of main API’s modules at server (ABE setup and key generation) and client (DET-ABE encryption/decryption) side are presented and discussed. From these results, it is concluded that the proposed API is easy to use and viable for providing confidentiality and access control mechanisms over data in end-user applications.
Fichier principal
Vignette du fichier
978-3-319-24018-3_7_Chapter.pdf (1.07 Mo) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-01442556 , version 1 (20-01-2017)

Licence

Identifiers

Cite

Miguel Morales-Sandoval, Arturo Diaz-Perez. DET-ABE: A Java API for Data Confidentiality and Fine-Grained Access Control from Attribute Based Encryption. 9th Workshop on Information Security Theory and Practice (WISTP), Aug 2015, Heraklion, Crete, Greece. pp.104-119, ⟨10.1007/978-3-319-24018-3_7⟩. ⟨hal-01442556⟩
176 View
485 Download

Altmetric

Share

More