Research Of Access Control Mechanisms Based On Ciphertext Policy Attribute-based Encryption In Cloud Storage

The conception of storage as a service gradually penetrated deep into the hunmanmind, cloud storage that is regarded as development and extension of cloud computinghas develop drapidly. Cloud storage, which is the fire-new storage sevice mode,integrates storage resources on a large scale effectively and provides the user with thestorage in the form of sevice. Cloud storage realizes rational data storage and efficientdata management, reduces the burdens of the user for data storage and management,andlowers the user’s cost at the same time.With the sevice and research of cloud storage going deep gradually, theapplications such as govenment department and enterprise data outsourcing sevicebecome the important component part of cloud storage application. But in the sevice ofcloud storage, data storage lies in the third party, and the user accesses data through thenetwork, confidentiality data storage becomes bottleneck that restricts the developmentof cloud storage. At present, the security of cloud storage has become one of the crucialproblem of cloud storage. How to solve the security threat of user data in thetransmission and storage becomes the important issuse that cloud storage has to face.The thesis studies cloud storage and its security problem and intrduces the solutionto current scurity problem of cloud storage. The thesis combines practical applicationenvironment such as data outsourcing sevice to construct experimental system of cloudstorage, and to briefly summarize cloud storage sevice model of current dataoutsourcing. The main work of thesis is to put forward the solution to the securityproblem of data that is exposed in the transmission and storage according to data featureof data outsourcing and to improve the generality and security of existing cloud storagescheme.The thesis designs and realizes cloud storage access control system based onciphertext policy attribute-based encryption. The scheme fully combines therequirement of the govenment department and enterprise data outsourcing sevice withthe characteristics of cloud storage, and analyses the concrete frame of the model,exsisting security problems and solution. This scheme adopts static encryption method.Data adopts symmetrical encryption. The data key adopts ciphertext policyattribute-based encryption. The scheme stores the data ciphertext in the sevice center ofcloud storage, realizes the user’s access control to data by controlling user decryptioncaptability, and at the same time brings in hierarchical access control to improve theenfficiency of data encryption. The scheme combines proxy re-encryption, whichdelegates most of re-encryption work to cloud storage servers at the time of the datarevocation, reduces the user’s burden, and makes the comprihensive analysis to key problem such as storage, distrbution, revocation, destroy, and comes up with rationalsolution. Through the design, realization and experiment of the systemic model, theresult demonstrates that this system can protect tansmission and storage of user sensitivedata well on the cloud storage platform of e-government and e-commerce, increase theefficiency greatly at the same time, and reduce the user’s burden of managing andstoring data on the platform of cloud storage.