| Cloud Computing is a new computing paradigm that has received widespread attention andsupport from both IT industry and academia. The benefits of cloud computing, including reducedcosts and capital expenditures, promote the development of relevant theories and technologies. Aspromising as it is, cloud computing is also facing many challenges especially data security andprivacy protection.First, this thesis compares and analyzes critical techonologies of cloud computing security andaccess control methods in cloud storage, thus summarizes the key points and nodi of the subject.Then the thesis proposes two schemes to achieve practicable access control of encrypted data inuntrusted environment. The first scheme is an attribute-based access control scheme withconstant-size ciphertext and hierarchical authorities. The scheme is efficient because of theconstant-size ciphertext and computation cost in encryption and decryption algorithms. Furthermorethe hierarchical authorization structure which reduces the burden and risk in the case of one singleauthority makes it scalable. The thesis also proves that the scheme is of CCA2security under thedecisional q-Bilinear Diffie-Hellman Exponent assumption and lastly analyzes its performance. Thesecond scheme proposes a distributed authorizatioin structure which avoids the securityvulnerability caused by central authority. It expands and optimizes a constant-size ciphertesxtCP-ABE algorithm to adapt to the distributed authorization structure. In addition, the improvedscheme enhances the efficiency of system further with effective permission update. At last, thethesis implements two simulation systems and the performance of the systems demonstrates theadvantages of both schemes. |
PDF Full Text Request