Research On Access Control Based On CP-ABE In Cloud Environment

Cloud computing is a very efficient computing model,which has been widely used in the Internet.However,cloud computing has also exposed a lot of security risks.A large number of users will store their information to the cloud server so that they lose the ability to control the information data.Illegal users may obtain data from the cloud server and make unauthorized operations.The access control of the cryptographic mechanism can ensure the confidentiality of the data in the semi-trusted third party cloud server.Attribute-based encryption technology provides fine-grained access control.Data owners can determine the access rights of information,so as to protect the security of data.When CP-ABE access control scheme is used in the cloud environment,the data owner can design their strategies to decide whether the user can access the file information according to whether they have some attributes.The access control scheme based on CP-ABE can effectively protect the privacy of data and security of system.It has very important practical value and research significance in promoting the development of cloud computing.Based on the research of the typical CP-ABE algorithm and the access control in cloud environment,a CP-ABE algorithm which can hide the access policy is proposed,and the correctness and security of the algorithm is verified.The computational complexity of the proposed algorithm is compared with that of the previous algorithms,which shows the superiority of the proposed algorithm.And designing an optimized CP-ABE access control scheme,and simulating the scheme to prove the feasibility of the scheme.The main contents of this paper are as follows:(1)A CP-ABE algorithm which using composite-order bilinear group and hiding access policy is proposed.The access policy is supported by AND gate and Boolean formula with wildcards.The scheme can protect the privacy information of the data owner and the receiver while using the password-based access control method to ensure the data confidentiality.The shortage that the access policy is sent to users with the cipher text,which means that the privacy of the data owner is disclosed,to be overcome.Compared with the previous schemes,this scheme is simple and efficient,reducing the computation,and having good expansibility.(2)According to the typical CP-ABE algorithm under prime-order bilinear group,designing to support two kinds of attribute judgment access trees,and optimizing the decryption algorithm.Compared with typical decryption algorithm,showing that the proposed algorithm has higher efficiency of decryption.Based on this algorithm,a CP-ABE access control scheme is designed,which is suitable for cloud environment and finishes the access control of the information file.