| As the continuous development of cloud computing technology, cloud data security issueshave become increasingly prominent. Especially the protection of data privacy is among themost concerning problem. Access control in cloud computing is the effective measures to protectthe user’s privacy data, whose core is key management and encryption mechanism.This paper proposed a novel access control model named for a cloud computing environment---mutiple anthority and hierarchical attribute-based encryption(MAH-ABE). This model can notonly provide efficient and flexible access control strategy in a complex and changingenvironment of cloud computiong, but alse can provide privacy data protection. We focus on theprinciple of ABE encryption algorithm and do algorithms improve of the three models ofattributes allocation, multi-authorities authorized and attributes revocation. The main work is asfollows:1. The characteristics of the user’s identity information is expressed as a series of hierarchicalset of attributes.When decrypting, the access control policy can selectively restrict theattributes from the same set or across multiple sets,Which both enhance data security andprivacy, and the continuation of the structural flexibility of access control.2. Hierarchical attributes set are managered by multiple hierarchical authorities in order toreduce risk. Also,it lighten the workload of a single authority and prevent authorities fromcollision attack.3. In order to adapt to the complex characteristics of cloud computering enviroment,dynamicaccess control strategy, the dynamic attribute key distribution mechanism and revocationmechanism is established.4. Based on the CP-ABE encryption algorithm, a specific access control algorithm is achieved.Simulation of part of the algorithm,performance analysis, complexity analysis and proof ofsecurity are also given. |
PDF Full Text Request