Resarch On Cloud Storage Access Control From Authorization Center

With the rapid development of the cloud computing and big data technology,the Internet field has stepped into a new era.Under the background that industry developing centers on the cloud computing and big data,the cloud storage technology is also developing quietly.While most users' demand for date sharing is higher and higher,data security,privacy security and access efficiency have become a prominent problem that prevent data from sharing.Therefore,handling the problem of existing data security,privacy security,access efficiency and open accountability demands designing a access control scheme that is suitable for large-scale network systems urgently.Nowadays,most multi-authority attribute-based encryption access control schemes let certificate authority participate in sharing and managing private keys.However,it is hard to find a certificate authority(CA)that is reliable for all users and the security of system will break down if the certificate authority is broken through,which means that this pattern has serious hidden trouble about safety.In large-scale network system,the operating load of CA will be higher and higher and CA may have a risk of breaking down as the number of users and attribute authority(AA)is increasing,influencing the operating efficiency of the system and preventing the system from performing well.What' s more,in attribute-based encryption(ABE)system a attribute collection may be owned by more than one user,which means that a couple of users can use one same private key to decrypt.But the safety problem that people dare to benefit from sharing their private keys illegally still survive.In order to handle the problems like access efficiency and abusing private keys of multi-authority attribute-based encryption access control scheme for cloud storage,this paper make the following analyzes:(1)For solving the problem on security and validity of multi-authority attribute-based encryption access control scheme for cloud storage,we propose a multi-authority attribute-based encryption without central authority for access control scheme,in which multiple attribute authority jointly distribute the users' keys by using the distributed key generation protocol.This scheme can support flexible access control policy through linear secret sharing scheme.Furthermore,by introducing proxyre-encryption and decryption outsourcing technology,the majority of computing tasks is entrusted to the cloud server to perform,realizing on-demand attribute revocation and effective reduction of computational overhead for users.(2)To deal with abusing private keys in ABE system and single CA' s security,we put forward the traceably verifiable multi-authority attribute-based encryption scheme that combines signature and linear secret sharing scheme by making users sign on private keys.The new scheme can track the identity of the original owner who lets out the private key,and the mode of multi-central-authority can make the new scheme more suitable for the large-scale networks and solve the security of the single certificate authority.