Abstract

Although current online social network (OSN) schemes propose encrypting data before sharing, enforcing access policies over encrypted data has become a challenging task, and OSNs currently provide no mechanism for users to update access policies. In this paper, we propose a ciphertext sharing scheme for cloud-based OSNs that allows users to outsource encrypted data to the OSN service provider for sharing. To meet the authorization requirement, we present a multiparty access control model based on ciphertext-policy attribute-based proxy re-encryption, which enables access control over encrypted data associated with multiple users. On the basis of ciphertext-policy attribute-based encryption, owners can customize the access policy of their own data. Based on proxy re-encryption, disseminators such as friends and group members can further customize the access policy of the owners' data on top of the existing access policy. In addition, we achieve immediate user revocation based on secret sharing, without issuing new attribute secret keys to unrevoked users. The security and performance analyses show that the proposed scheme is secure, efficient and practical.
