Extended Identity-Revocable CP-ABE
This chapter focuses on how to extend Identity-Based Revocable Ciphertext-Policy Attribute-Based Encryption (CP-ABE) by considering the scalability of Attribute-Based Encryption revocation management solutions such as Attribute-Based Encryption key federation, interoperability, and delegation. To implement extend Identity-Based Revocable CP-ABE, existing Attribute-Based Encryption-based Attribute Based Access Control solutions face challenges to realize important management features of access control such as delegation, federation, interoperability, and revocation, which prevent them from being widely deployed. The performance evaluation demonstrates the solution is secure and efficient to establish a large-scale attribute-based access control framework. In practice, users need to interact with several different organizations that may not trust each other; a user also may own attributes belonged to different subdivisions of an organization.