查看文章

Revocation and renewal of access rights of users are desirable requirements of a practical access control solution. Recently, key-aggregate cryptosystems have attracted significant attention of the research community, due to their elegance and efficiency, as a tool for access control enforcement. However, key-aggregate encryption schemes proposed so far in the literature are suitable only for enforcing static predefined access control policies. This paper proposes a novel key-aggregate encryption scheme that efficiently handles dynamic access control policies. The proposed scheme not only has all key-aggregate characteristics, but can also efficiently revoke/add any data class from/to a given aggregate set. Further, unlike conventional key-aggregate cryptosystems, the proposed scheme can introduce a new data class in the cryptosystem without having to initialize it all over again. The proposed scheme requires …