Research Of Attribute-based Encryption Schemes Based On Shared Sub-policy In Cloud Computing

With the rapid development of information technology,cloud computing has attracted extensive attention from academia and industry because of its advantages of providing users with available,convenient,and on-demand network services.The data sharing in cloud computing provides many convenient conditions for users to store and access data.More and more users utilize cloud storage platform to share their data.Therefore,cloud data sharing has a huge application and commercial prospect.Although cloud computing has brought great convenience to our lives,the data uploaded by users to the cloud is managed by cloud service providers,resulting in the separation of ownership and management of data.Driven by the interests,hackers,malicious users,and even cloud service providers themselves may try their best to obtain user data which have tremendous value.Therefore,how to provide efficient data sharing services while protecting the data in the cloud storage platform is the most one of the challenges.Attribute-based encryption(ABE)is a promising encryption technology that successfully solves the above challenge.Compared with traditional public key cryptography and identity-based encryption,ABE describes the user or ciphertext through attributes.First,the encryptor does not need to know the user's public key or identity information when encrypting the data:secondly,ABE can support fine-grained,flexible access control while providing confidentiality and integrity of data.This paper systematically analyzes the research status of ABE in cloud computing.Under the premise of ensuring user data security,this paper studies how to improve the efficiency of the schemes and enhance the applicability of the schemes and other issues.Then several safe and efficient ABE schemes for various complex application scenarios in the cloud environment are proposed.Specifically,the main work and innovation of this paper are as follows:(1)The ciphertext policy attribute-based encryption scheme based on shared sub-policy is proposed for the application scenario in which the access control policies corresponding to multiple files shared by the data owner have a shared sub-policy.This scheme is different from other ABE schemes where the node polynomial is constructed from the root node of the access control tree.This scheme starts with the root node of the shared sub-policy.By combining different access control trees,unified attribute-based encryption can be realized.Repeated encryption steps are avoided,it is reducing overall encryption time.Simulation experiments show that compared with the existing scheme,this scheme reduces the encryption calculation overhead and improves the encryption efficiency.(2)A multi-level privilege attribute-based access control scheme based on shared sub-policy is proposed for the application scenario that the data owner has the requirement of multi-level access control for multiple encrypted files.The scheme realizes the multi-level file joint encryption of the same data owner,and also supports the unified encryption and decryption of the same-level files of different data owners,thereby reducing the total encryption time and the average decryption time of the user.Simulation experiments show that the scheme reduces the encryption and decryption calculation overhead compared with the existing scheme.So the scheme improves the overall efficiency of the access control.(3)For the application scenario where the attribute of the user and the file needs to have the attribute weight,a weighted ABE scheme based on shared sub-policy is proposed.The scheme assigns weights according to the importance of each attribute in the system,reflecting the importance of the attributes.At the same time,the scheme combines the encryption processes of different data owners with the shared weighted access sub-policy,so that reducing the total encryption time of the data owner.Simulation experiments show that the proposed scheme effectively improves the overall encryption efficiency of the system compared with the existing scheme.(4)A multi-authoritative attribute set encryption scheme based on shared sub-policy is proposed for the application scenarios that needs to support multi-authority and attribute set encryption.The program supports multiple authorities,and a central attribute authority manages attributes of data owners and users in the system along with other domain authorities.At the same time,unified attribute encryption is implemented,and attribute set encryption is used to apply to complex application scenarios in cloud computing.Analysis shows that the scheme has better encryption efficiency.