Item

UR-CP-ABE: CP-ABE with Flexible Construction Mechanism and Efficient User Revocation Capability for Access Control in the Cloud

Guo, Zhen
Gao, Jiangkai
Liu, Shuainan
Wang, Rong
Feng, Chaosheng
Yu, Keping
Choo, Kim Kwang Raymong
Guizani, Mohsen
Author
Guo, Zhen
Gao, Jiangkai
Liu, Shuainan
Wang, Rong
Feng, Chaosheng
Yu, Keping
Choo, Kim Kwang Raymong
Guizani, Mohsen
Supervisor
Department
Machine Learning
Embargo End Date
Type
Journal article
Date
License
Language
English
Collections
Publications
Show all metadata
Research Projects
Organizational Units
Journal Issue
Abstract
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes with user revocation allow for dynamic updates to users' access rights. However, existing schemes often encounter issues such as low re-encryption efficiency, inflexible access control, and susceptibility to collusion attacks. To address these challenges, we propose UR-CP-ABE, an efficient user revocation scheme built upon a double encryption method. Specifically, UR-CP-ABE stores both valid and revoked users' identity information in a binary tree. This design enables flexible user authority revocation by modifying only the binary tree's relevant secret sub-items. Moreover, the scheme limits the scope of revocation-induced binary tree updates to a single sub-item. This key optimization resolves the critical issue where re-encryption overhead scales linearly with the number of attributes of revoked users. In addition, we eliminate the possibility of attackers constructing secret sub-keys, preventing the collusion attacks. UR-CP-ABE also supports bidirectional revocation, allowing for the revocation and restoration of user rights, which is not available in other related schemes. Our theoretical analysis and experiments demonstrate that UR-CP-ABE has better performance than other schemes, especially in the re-encryption stages. Moreover, UR-CP-ABE has been proved to be secure based on the decisional q-parallel BDHE hardness assumption in the standard model.
Citation
Z. Guo, J. Gao, S. Liu, R. Wang, C. Feng, K. Yu, K.K.R. Choo, M. Guizani, "UR-CP-ABE: CP-ABE with Flexible Construction Mechanism and Efficient User Revocation Capability for Access Control in the Cloud," IEEE Transactions on Dependable and Secure Computing, vol. PP, no. 99, pp. 1-16, 2026, https://doi.org/10.1109/tdsc.2026.3660271.
Source
IEEE Transactions on Dependable and Secure Computing
Conference
Keywords
46 Information and Computing Sciences, 4604 Cybersecurity and Privacy, 4606 Distributed Computing and Systems Software
Subjects
Source
Publisher
IEEE
DOI
10.1109/tdsc.2026.3660271
Additional links
https://ieeexplore.ieee.org/document/11370505
Full-text link