| In recent years,the development trend of cloud computing is attracting more and more attention,and the number of users is increasing.It is considered as the third revolution after the microcomputer.Cloud Computing: the "network" as the center,through the link the hardware and software resources in different geographical locations and shielding the heterogeneity of the underlying resources.Cloud computing has brought cloud security issues with the same time of rapid growth.At present,cloud security has become the bottleneck of cloud computing in the cloud environment.One of the most critical cloud security problems is access control problem.At present,the most effective technical methods to the traditional access control technology and the expansion of the password technology,to further solve the new needs of cloud security.Some scholars put forward the attribute encryption mechanism(CP-ABE)based on ciphertext policy.The algorithm has the characteristics of flexibility,high efficiency,dynamic,privacy and so on.However,in the process of CP-ABE application to the actual project,the existing attribute encryption scheme has a distance from the actual change in access policy flexibility and efficiency.In this paper,we focus on the research of access control mechanism based on attribute encryption:(1)Ciphertext strategy of access control scheme based on attributes while provides the dual authentication mechanism,to a certain extent,make sure the safety of the cloud data server,but when the cloud server outage or fallen,will cause the key leak,will cause the collusion attack of illegal users.In this paper,on the basis of basing on trusted third party,by introducing more authority center,private key by each authority distribution properties,effectively prevent the illegal user collusion attack,thus to further enhance the security of the cloud data,and effectively solves the problems such as the user key management and distribution,the load is too large.(2)In order to solve the problem of high cost of dynamic change of attribute based ciphertext policy in cloud environment,this paper introduces the concept of fusion attributes,and proposes a policy based access control scheme.The scheme uses the existing access control scheme based on the properties of the ciphertext,by ordinary tree access structure into SAS access structure tree;then SAS tree access structure,attributes and high frequency together.In this paper,the number of terminal nodes in the access tree is effectively reduced,thus effectively reducing the burden of updating the data owner.(3)Through theoretical analysis and the related experiment shows that the number of attributes is an important time performance indicators measure the ciphertext is encrypted,and proves that the above scheme is put forward,on the one hand,can effectively reduce the computational cost of strategy property changes when the user,on the other hand,effectivelyprotect the security of data in cloud environment and fine-grained access control,and reduce the load of the data owner... |
PDF Full Text Request