Design On Attribute-based Access Control Scheme In Cloud Storage

The development of cloud computing becomes faster and faster,it can provide users a wider range capabilities of data processing and sharing,it integrate different storage resources with storage virtualization.Users can access the cloud via a single user interface of the data resource without revealing the physical details of underlying infrastructure.Users can access the data stored on the cloud server through computer or other connected to the Internet intelligent terminal.Cloud computing is an important achievements during the process that information technology is improved to the direction of convergence dimension standardization and specialization,it is considered to be an important development of the IT industry.With the development of the cloud computing and the wide application of cloud computing services,it also exposed many security issues about data storage,the first problem needs to solve about cloud computing services has two sides,such as the safety of cloud users' data stored on the server and the user identity information not to be leaked.The cloud storage has become a kind of important service mode in the cloud computing,users can join or leave at any time as the factor of cloud storage environment,it can change at any time.Therefore,how to realize the access control to the data in cloud storage environment and have access to revoke properties owned by users conveniently safely and timely have become a main aspect of the present study,it is also the research emphasis in this paper.Because more and more providers of Cloud services in Cloud computing(Cloud Service Provider,CSP),and more and more users wait for a characteristic,the existing scheme already cannot satisfy the requirement of data security user required by the users in the Cloud storage and meet the requirement for data cross domain access cipher strategy,access control methods of Cipher strategy based on the properties of Encryption(Ciphertext-Policy Attribute-based Encryption,CP-ABE)and its efficient property cancellation method has become the research emphasis of cloud security.So the emphasis of this article is researching access control method based on authorization(Attribute authorities,AA)in cloud computing and effective Attribute withdrawing.The main research content of this subject is summarized as follows:1.It puts forward an access control method of multi-authority based on the strategy of ciphertext for the safety problems of cross-domain sharing data and access control problem in the cloud storage environment of multi-authority.It uses multiple authorized institution and the generation of properties of the private key and Central certification body(Central Authority,CA)to be separated to reduce the security risks introduced by CA.Definition of ciphertext access control structure and key components production are completed by the data Owner(the Date the Owner,DO)and AA,so it can prevent the attack between the users.AA and CA and the attack between the users and AA.It also analyzes the security of the scheme with his judge.Bilinear Diffie-Hellman(Decision Bilinear Diffie-Hellman,DBDH)hypothesis theory.2.It puts forward an efficient attribute revocation scheme based on the strategy of ciphertext in cloud storage for the problem that it is difficult to revoke attributes about access control scheme of ciphertext strategy.So it can revoke attributes safely and efficiently.It uses the method of asymmetric encryption to encrypt data,when revoking the user's attributes,authorization creates new attribute group version number keys to a cloud storage server to encrypt cipher again,which reduces the computational cost of data owners.3.Because this scheme does not need to update the user private key,it reduces the computation complexity.Through theoretical analysis and experiments,it shows that it has high safety when revoking users' attribute.It also makes some contribute to the reduction of computing cost and communication overhead.