Privacy-Preserving Attribute-Based Access Control with Non-Monotonic Access Structure

Abstract

Attribute-Based Encryption (ABE) with non-monotonic access policies provides fine-grained access control for widespread applications like Cloud-assisted HealthIoT systems. In this context, multi-authority ABE with untrusted authorities eliminates the need for a trusted authority, but ensuring user's identity and attributes-set privacy against these authorities remains a significant challenge. This paper proposes a new, efficient multi-authority ABE approach that preserves user's identity privacy and attributes-set privacy, and is secure against collusion attack. Also, the proposed approach provides non-monotonic access policies, which supports positive and negative constraints using NOT operation as well as AND and OR operations. © 2023 IEEE.