Skip to main content
SpringerLink
Log in

Verifiable computation with access control in cloud computing

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

With the tremendous growth of cloud computing, verifiable computation has been firstly formalized by Gennaro et al. and then studied widely to provide integrity guarantees in the outsourced computation. However, existing verifiable computation protocols either work in the secret key setting or in the public key setting, namely, work either for single client or for all clients, which rules out some practical applications with access control policies. In this paper, we introduce and formalize the notion of verifiable computation with access control (AC-VC), in which only the computationally weak clients with necessary access control permissions can be allowed by a trusted source to apply the outsourced computation of a function to a server. We present a formal security definition and a proved secure black-box construction for AC-VC. This construction is built based on any verifiable computation in the secret key model and ciphertext-policy attribute-based encryption (CP-ABE). The access control policies that our AC-VC can realize depend on that realized in the based CP-ABE.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Applebaum B, Ishai Y, Kushilevitz E (2010) From secrecy to soundness: efficient verification via secure computation (extended abstract). In: ICALP 2010. LNCS, vol 6198. Springer, Berlin, pp 152–163

    Google Scholar 

  2. Arora S, Safra S (1998) Probabilistic checking of proofs: a new characterization. J ACM 45:70–122

    Article  MATH  MathSciNet  Google Scholar 

  3. Babai L, Fortnow L, Levin LA, Szegedy M (1991) Checking computations in polylogarithmic time. In: STOC 1991. ACM, New York, pp 21–32

    Google Scholar 

  4. Barbosa M, Farshim P. Delegatable homomorphic encryption with applications to secure outsourcing of computation. Cryptology ePrint archive: report 2011/215

  5. Benabbas S, Gennaro R, Vahlis Y (2011) Verifiable delegation of computation over large datasets. In: CRYPTO 2010. LNCS, vol 6841. Springer, Berlin, pp 111–131

    Google Scholar 

  6. Beimel A (1996) Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel

  7. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy. IEEE Computer Society, Los Alamitos, pp 321–334

    Google Scholar 

  8. Chase M (2007) Multi-authority attribute based encryption. In: TCC 2007. Springer, Berlin, pp 515–534

    Google Scholar 

  9. Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: CCS 2009. ACM, New York, pp 121–130

    Google Scholar 

  10. Chung KM, Kalai Y, Vadhan S (2010) Improved delegation of computation using fully homomorphic encryption. In: CRYPTO 2010. LNCS, vol 6223. Springer, Berlin, pp 483–501

    Chapter  Google Scholar 

  11. Fiore D, Gennaro R (2012) Publicly verifiable delegation of large polynomials and matrix computations, with applications. In: CCS 2012. ACM, New York, pp 501–512

    Google Scholar 

  12. Gennaro R, Gentry C, Parno B (2010) Non-interactive verifiable computing: outsourcing computation to untrusted workers. In: CRYPTO 2010. LNCS, vol 6223. Springer, Berlin, pp 465–482

    Chapter  Google Scholar 

  13. Gentry C (2009) Fully homomorphic encryption using ideal lattices. In: STOC 2009. ACM, New York, pp 169–178

    Google Scholar 

  14. Goldwasser S, Kalai YT, Rothblum GN (2008) Delegating computation: interactive proofs for muggles. In: STOC 2008. ACM, New York, pp 113–122

    Google Scholar 

  15. Goldwasser S, Lin H, Rubinstein A. Delegation of computation without rejection problem from designated verifier CS-proofs. Cryptology ePrint archive: report 2011/456

  16. Hur J, Noh DK (2011) Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans Parallel Distrib Syst 22(7):1214–1221

    Article  Google Scholar 

  17. Ibraimi L, Asim M, Petkovic M (2009) Secure management of personal health records by applying attribute-based encryption. Technical report, University of Twente

  18. Jahid S, Mittal P, Borisov N (2011) EASiER: encryption-based access control in social networks with efficient revocation. In: ASIACCS 2010. ACM, New York, pp 411–415

    Google Scholar 

  19. Kilian J (1992) A note on efficient zero-knowledge proofs and arguments (extended abstract). In: STOC 1992. ACM, New York, pp 723–732

    Google Scholar 

  20. Kamara S, Raykova M (2011) Secure outsourced computation in a multi-tenant cloud. In: Workshop on cryptography and security in clouds

    Google Scholar 

  21. Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: EUROCRYPT 2011, LNCS, vol 6110. Springer, Berlin, pp 62–91

    Google Scholar 

  22. Lewko AB, Waters B (2011) Decentralizing attribute-based encryption. In: EUROCRYPT 2011. Springer, Berlin, pp 568–588

    Chapter  Google Scholar 

  23. Li M, Yu S, Zheng Y, Ren K, Lou W (2012) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143

    Article  Google Scholar 

  24. Müller SM, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. In: ICISC 2008. Springer, Berlin, pp 20–36

    Google Scholar 

  25. Micali S (2000) Computationally sound proofs. SIAM J Comput 30(4):1253–1298

    Article  MATH  MathSciNet  Google Scholar 

  26. Narayan S, Gagné M, Safavi-Naini R (2010) Privacy preserving EHR system using attribute-based infrastructure. In: CCSW 2010. ACM, New York, pp 47–52

    Google Scholar 

  27. Parno B, Raykova M, Vaikuntanathan V (2012) How to delegate and verify in public: verifiable computation from attribute-based encryption. In: TCC 2012, pp 422–439

    Google Scholar 

  28. Papamanthou C, Shi E, Tamassia R. Signatures of correct computation. Cryptology ePrint archive: report 2011/587

  29. Sahai A, Seyalioglu H, Waters B (2012) Dynamic credentials and ciphertext delegation for attribute-based encryption. In: CRYPTO 2012. Springer, Berlin, pp 199–217

    Chapter  Google Scholar 

  30. Wang C, Ren K, Wang J (2011) Secure and practical outsourcing of linear programming in cloud computing. In: INFOCOM 2011. IEEE Computer Society, Los Alamitos, pp 820–828

    Chapter  Google Scholar 

  31. Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: PKC 2011. LNCS, vol 6571. Springer, Berlin, pp 53–70

    Google Scholar 

  32. Yao A (1982) Protocols for secure computations. In: FOCS 1982. IEEE Computer Society, Los Alamitos, pp 160–164

    Google Scholar 

  33. Yao A (1986) How to generate and exchange secrets. In: FOCS 1986. IEEE Computer Society, Los Alamitos, pp 162–167

    Google Scholar 

  34. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: INFOCOM 2010. IEEE Computer Society, Los Alamitos, pp 534–542

    Google Scholar 

  35. Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: ASIACCS 2010. ACM, New York, pp 261–270

    Google Scholar 

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Nos. 61202466, U1135004, 61170080), Foundation for Distinguished Young Talents in Higher Education of Guangdong, China (No. 2012LYM_0017), Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme (2011), High-level Talents Project of Guangdong Institutions of Higher Education (2012), and Fundamental Research Funds for the Central Universities (No. 2012zb0015).

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, South China University of Technology, Guangzhou, China

    Lingling Xu & Shaohua Tang

Authors
  1. Lingling Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shaohua Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shaohua Tang.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Xu, L., Tang, S. Verifiable computation with access control in cloud computing. J Supercomput 69, 528–546 (2014). https://doi.org/10.1007/s11227-013-1039-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-013-1039-z

Keywords

Search

Navigation