Owner Specified Excessive Access Control for Attribute Based Encryption

Fawad Khan, Hui Li, Liangxuan Zhang

Research output: Contribution to journalArticlepeer-review

15 Citations (Scopus)
6 Downloads (Pure)


Attribute-based encryption (ABE) has emerged as a promising solution for access control to diverse set of users in cloud computing systems. Policy can just specify whether (or not) any specific user should be given access to data, but it lacks to provide data owner the privilege to specify (how much) fraction, or (which) specific chunk from that data to be accessed or decrypted. In this paper, we address this issue, and propose a scheme that will give data owner excessive access control, so that he can specify specific chunk out of total data to be accessed by user depending on his attributes. In our scheme, a data owner can encrypt data over attributes specified in a policy, but even if user's attributes satisfy the policy; he can decrypt data (partially or fully) fractionally based on his attributes specified by owner. The owner can also prioritize user's access based on his designation, or hierarchal role in a specific organization. We also address to resolve the issue of attributes repetition, due to which the cost of computations in encryption by owner and ciphertext size is reduced. Furthermore, we achieve it with a single ciphertext over policy for entire data, and proof our scheme to be secure in the generic group and random oracle model. Theoretical comparisons of computations with existing constructions, and performance of the scheme evaluated in the Charm simulator is reasonable enough to be adopted in practice.
Original languageEnglish
Pages (from-to)8967 - 8976
Number of pages10
JournalIEEE Access
Early online date29 Nov 2016
Publication statusPublished - 2016
Externally publishedYes

Bibliographical note

2016 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information


10.13039/501100001809-National Natural Science Foundation of China (Grant Number: U1401251 and 61272457)


  • Attribute
  • partial
  • full
  • encryption
  • decryption
  • symmetric key
  • chunk
  • excessive access
  • repetition
  • fractional


Dive into the research topics of 'Owner Specified Excessive Access Control for Attribute Based Encryption'. Together they form a unique fingerprint.

Cite this