The Research On The Access Control Technology Based On Multi-Authority ABE

Data security is becoming the major bottleneck of cloud storage,access control is a main solution to the security of cloud,attribute-based Encryption(Attribute-based Encryption,ABE)mechanism is considered to be one of the most promising method to implement access control in the cloud storage system.Many users and multiple authorities coexist and users can join or leave cloud service randomly,so the efficiency and security of user access control and revocation is very important to Cloud security.In the environment of cloud storage,the shared files are usually shared with hierarchical structure according to the different attributes,the files are divided into several grades and located in different access level.There may be a large number of same attributes in different access level,if the different file is encrypted under its own access structure respectively,then the key components corresponding to the same attributes appear in different access strategy should be calculated multiple times,which takes up a lot of storage space and also increases the computational cost.In this paper,we mainly focus on multi-authority attribute-based access control method encryption and revocation and the application in hierarchical files.The main research contents are summarized as follows:1.In order to improve the security and efficiency of data access control under multi-authority environment,in this paper,we propose a multi-authority and Revocable Access Control in Clouds(MARACC),which is an efficient data access control scheme for multi-authority in cloud storage systems.In MARACC,in order to eliminate the security risk introduced by central authority and collusion attack,different attributes authorities and DO generate the attribute-based secret key components respectively.Furthermore,it enables user and attribute revocation respectively,which achieves fine-grained access control.Finally,the security proof is given by using the Decisional Bilinear Diffie-Hellman(DBDH)assumption.The analysis and simulation results show that the scheme we propose is secure and efficient.2.In order to save the cipheretext storage and time cost of encryption and decryption,we proposed a variant of MA-ABE to share the hierarchical files in cloud computing.By integrating different structures into one structure,the files are encrypted with one access structure,the common attributes and the bilinear pairing operation of each common nodes used in multiple access sub-trees of the files should be computed only once instead of many times since each common attribute is appeared in the integrated access structure one time,which leading to the improvement of encryption and decryption efficiency.3.A system for Multi-authority ABE is designed and developed.It verifies and validates the effectives of the proposed method in the thesis.