Research On Application Of Attribute-Based Cryptography In Cloud Computing Environment

Aiming at the requirement of computing resource intensification and professionalization, the IT industry proposed the concept of cloud computing. Cloud computing is a computing model of dynamically searching virtual resources and providing them to user as service through Internet, which is based on virtualization, parallel and distributed computing, utility computing, and service-oriented architecture. With the development and popularization of the cloud computing, data security issues in this model attracts the attention gradually. Users have to outsource their data to the cloud, where is beyond their control. Besides, cloud service providers are not fully trustable. This service model put forward new requirement of data protection. Cryptography is a powerful tool for data protecting. However, owing to the complication of key management and one-to-one work mode, the traditional cryptography can not adapt to the needs of the cloud computing environment. Attribute-Based Encryption is an advanced cryptography, which is an ideal method to guarantee the security of data under cloud. This paper research on the application of Attribute-Based Encryption in cloud, which include the following aspects:1. Utilizing Identity-Based Cryptography, this paper designs an bidirectional identity authentication scheme between user and cloud service provider. Authentication between user and the cloud is a basic premise of legal access to cloud service. Because of the huge number of users and services in the cloud, the authentication mechanism must be efficient. Meanwhile, because of the openness, authentication mechanism needs to have the ability of protecting the cloud service provider from DoS attack. This paper proposes an efficient identity-based signcryption scheme. Based on the signcryption schme, this paper proposes a secure authentication mechanism with scheme against DoS attack.2. VoD is a typical application in the cloud. Based on Key-Policy Attribute-Based Encryption, this paper proposes an efficient access control scheme for VoD application. Without reliability on the trustability of the server, this scheme could guarantee that VoD service is available only to the authorized users, while unavailable to the unauthorized users and cloud service providers. This scheme also could cope with user registration, revoking and updating efficiently. Full logical access policy is also supported, which facilitates the description of access control policy. Both the theoretical analysis and the experimental results show that our proposal is efficient for VoD application under cloud environment.3. Utilizing Ciphertext-Policy Attribute-Based Encryption, this paper designs a secure data sharing mechanism for social network. The social network is also a typical application in cloud. Due to the large number of user's sensitive information in this application, it is necessary to attach importance to data security and privacy protection. In our scheme, data owners have to encrypt the data before uploading, which could prevent the social network service providers and cloud service providers from leaking the data. Besides, when encrypting the data, data owner could specify the access policy. The mechanism designed in this paper supports arbitrary attribute value, which facilitates the description of user attribute, reduces the number of public parameters in the system, improves the efficiency of system management. Moreover, this scheme also supports dynamic membership. Theoretical analysis shows that our scheme could guarantee the safety of sharing data in social network effectively.