MPDS-RCA: Multi-level privacy-preserving data sharing for resisting collusion attacks based on an integration of CP-ABE and LDP

Abstract In the ciphertext-policy attribute-based encryption (CP-ABE), once malicious users have gained access to the sharing data, they are able to obtain real private data, leading to serious privacy leakage issues. Thus, if the data user does not access the original private data, but instead accesses the perturbed data, while guaranteeing certain statistical characteristics, this would greatly improve the privacy of the CP-ABE technology as well as enhance its security. Motivated by this, an integration of basic CP-ABE and local differential privacy (LDP) based on randomized response for achieving multi-level privacy-preserving data sharing (MPDS), which has a relatively lower complexity and higher data utility, is constructed to provide double privacy protection for data owners at the source. To prevent different trusted data users from colluding and gaining more privacy beyond their trust levels, a random perturbation strategy is elaborately designed for resisting collusion attacks (RCA) while guaranteeing that the output of RCA perturbation strategy is the same as that of the original perturbation, which has been proved from the theoretical level. Finally, the proposed MPDS-RCA scheme is simulated and verified on both synthetic and real data sets, which indicates that the proposed scheme outperforms the existing MPPDS scheme in terms of the average error rate, the KL-divergence and the JS-divergence while reducing the computational cost by approximately 50%.