A Novel Approach Based on Blockchain to Enhance Security with Dynamic Policy Updating

Abstract

The cipher-text policy attribute-based encryption is a promising technique to ensure the security in the third trust parties environment and offers opportunities to their users. However, the policy updating becomes a challenging issue when we use CP-ABE to construct access control schemes. The traditional method consists of presenting a huge work to the data owners, data retrieving, its re-encryption under the new access policy, and the re-sending back to the cloud. These interactions incur a heavy computation burden and a high communication on the data owner. In this paper, we propose a novel approach, in one hand, to enhance the security by using Blockchain technology, and in the other hand to update the access policy dynamically. We use Blockchain to deploy a policy in a manner that preserves security. We use also the cloud to store the data with CP-ABE, and especially, we focus on the delegation of the policy updating method to the cloud. This method can minimize the computation work and avoid the transmission of encrypted data by combining the ciphertext and previous access strategy. Moreover, we also design a policy updating algorithm. In our scheme, the security is occurred by two factors, the first one must satisfy the policy in the CP-ABE. The second one also must satisfy the policy deployed in the Blockchain to have the authorization token generated to access the desired resources.