Research On Access Control Model For Cloud Storage

Cloud storage is a new popular network storage technology that has characteristics such as huge storage space, convenient data access and high reliability. In the cloud stor age system, it’s convenient for data providers to store data and data users to access data whenever and anywhere with terminals connected to the cloud storage servers. However , with the wide application of the cloud storage technology, data security issues graduall y become one of the most important problems to be solved. Perfect data access control mechanism design is an important means to ensure data security.Firstly, ABE(Attribute Based Encryption) achieve fine-grained ciphertext access control. This paper research on the application of ABE,KP-ABE (Key-Policy ABE) and CP-ABE (Ciphertext-Policy ABE) in cloud, classify the related work:multi-authority ABE focus on the security improving of key management, shorten authority’s response time; research on mobile cloud access control model focus on the problem of reduce user’s computation cost; proxy re-encryption give a good solution to the problem of user revocation.According to the analysis of above models, present the model of certificate ABE access control scheme, mask the messageto achieve the secure encryption and decryption outsource; Improve access tree, achieve multi privileges control in a single tree, prevent from the access request that beyond the user’s authority; for the big data, present the data partition access control model, in which the data is partitioned into several blocks, each block can be computed and transmitted independently, the model improve system efficiency, shorten users’waiting time. Analysis the security of algorithm in this model, prove that the access control can’t be break through by adversary, so the model provide security protect for cloud storage data. Evaluation on computation cost, storage cost, and experimental results show that the model is highly efficiency.Finally, the cloud storage prototype system based on above access control model is achieved, analysis the system function and security demand in detail, design function of each sub module, introduce the operation process. Achieve the cloud storage system based on ciphertext data, to provide better protect for data confidentiality and users’ privacy information. We also provide highly efficiency for the storage of big data.