The Attribute-role-based Access Control Research On Smart Grid Cloud Storage

Whether considering the development demand of environmental protection, energy conservation, sustainable development, economic, or considering the development of the Smart Grid itself, it is an inevitable trend in the future that the traditional power grid will turn into the Smart Grid. With the application of intelligent schedule, intelligent power transmission, intelligent power distribution, etc., the distributed, massive, complex data grows explosively, which put forward higher requirement for data processing and storage. Since Cloud Computing has advantages of huge data processing amount, flexible scalability, high reliability and higher equipment utilization, it not only can solve the massive data processing and storage problems of Smart Grid, but also can guarantee the safe and reliable operation, system protection, data disaster recovery and so on in Smart Grid, which will greatly promote the development process of Smart Grid.The power system is a multivariate heterogeneous information system which exchanges data frequently and complexly. After migrating to the cloud platform, the power system has to face much more user sources; without physical isolation limit of access data, data security threats would increase greatly. How to ensure business systems accessing data in security; how to ensure that only legitimate authorized users have access to the relevant data; how to protect the confidentiality and integrity of datas; these access control problems should be solved in Smart Grid. Smart Grid cloud storage access control model is the premise element of building a security intelligent cloud. Only the systemic perfect access control model can provide security storage and reasonable access of Smart Grid’s data on cloud platform, can ensure the safety normal data exchange between the various business systems, and can protect the confidentiality and integrity of Smart Grid sensitive data and confidential data, hence ensuring the safe operation of whole Smart Grid.To solve security issues of Smart Grid cloud storage, the access control model should consider the characteristics of Smart Grid and cloud storage, and should be able to effectively control the fine-grained access of distributed complex environments and limit the different level data read and write behavior in cloud storage, thus finally achieving the goal of safeguarding Smart Grid data storage security. Considering data storage characteristics and security requirements of Smart Grid, an attribute-role-based access control scheme for Smart Grid cloud storage is proposed in this thesis. This thesis establishes privilege roles and assigning attributes set to the roles. On the basis of CP-ABE encryption scheme, this thesis makes an improvement on decrypting authority ciphertext by using role attributes instead of using user attributes, which separates users and permissions logically, thus guaranteeing that the user can not obtain operating authority before being granted the privilege role. Operating authority is encrypted by the access structure, the privilege role only meeting access control policies can decrypt the ciphertext. Besides, on the basis of the original CP-ABE encryption scheme, this scheme makes an improvement on AES parallel encryption, which enhances the efficiency of data encryption greatly, thus making system real-time higher.