Date Added: Sep 2012
A fundamental approach for secure data sharing in a cloud environment is to let the data owner encrypt data before outsouring. To simultaneously achieve fine-grained access control on encrypted data and scalable user revocation, existing work combines Attribute-Based Encryption (ABE) and Proxy Re-Encryption (PRE) to delegate the Cloud Service Provider (CSP) to execute re-encryption. However, the data owner should be online in order to send the PRE keys to the CSP in a timely fashion, to prevent the revoked user from accessing the future data. The delay of issuing the PRE keys may cause potential security risks. In this paper, the authors propose a Time-based Proxy Re-Encryption (TimePRE) scheme to allow a user's access right to expire automatically after a predetermined period of time.