Skip to Main Content
Cipher text-Policy Attribute Based Encryption (CP-ABE) is a promising cryptographic primitive for fine-grained access control of shared data. However, when CP-ABE is used to control outsourced data sharing, it confronts two obstacles. Firstly, the data owner must trust the attributes authority, secondly, the issue of attribute revocation of CP-ABE schemes, which suffers from such problems as different granularities of revocation, poor scalability and high computational complexity, is cumbersome. In this paper, we propose a new CP-ABE scheme that the data owners can fully control their outsourced shared data. We also resolve the issue of revocation including the entire user access privilege and just partial access right of the user, i.e., a subset of his/her attributes. Our proposed solution can achieve minimal overload by integrating CP-ABE with the access control of system. In addition, the data owners and the attributes authority can delegate most of laborious tasks to revocation proxy severs with the technique of proxy re-encryption. Finally, we present the quantitative test and analysis on the performance of our proposed scheme.