Traitor tracing based on partially-ordered hierarchical encryption

Abstract

Recently, more and more enterprises and individuals have moved their data into the cloud. To meet this practical requirement, this paper addresses how to establishes a bridge between role-based access control (RBAC) and cloud storage in order to fully preserve investment in existing RBAC systems. We present a new scheme for secure migrating the resources from RBAC systems to cloud storage. This scheme takes full advantage of RBAC, which provides a well-designed and easyto-manage approach for accessing cloud resources without user intervention. This scheme, called Partially-ordered Hierarchical Encryption (PHE), which implements the partial-order key hierarchy, similar to role hierarchy in RBAC, in public-key infrastructure. In addition, this construction provides traitor tracing to support efficient digital forensics. The performance analysis shows that our construction has following features: dynamic joining and revoking users, constant-size ciphertexts and decryption keys, and lower overloads for large-scale systems.