Access Privilege Elevation and Revocation in Collusion-Resistant Cloud Access Control

As a consequence of the growth in cloud services adoption, the majority of organisations and data owners now migrate their data to the cloud. This raises many security concerns due to remote untrusted storage and the loss of control over data. Cipher-text policy attribute based encryption (CP-ABE) can achieve cryptographic access control that tackles the majority of these concerns. However, the two key challenges of CP-ABE, which have not been efficiently addressed by the majority of the existing systems, are how to revoke any single shared attribute from any users without affecting others and build a collusion resistance system. In this paper, our proposed system extends the relevant existing techniques to resolve the inherent problems in CP-ABE, which is users' credential management according to access privilege customization. The novelty of our collusion-resistant system is to drive the access privileges in a specific way by updating the access policy as well as user revocation. Our theoretical and experimental findings indicate that our proposed system is more practical and secure compared to the current related systems.