| As a new service model,cloud computing attracts more and more people's attention for its high efficiency and low cost.However,a series of privacy data leakage events occurred due to the openness and resource sharing of cloud computing and lots of people are skeptical about the security of sharing data in cloud computing,therefore privacy issues become more important.The work of the privacy protection for sharing data in cloud computing platform is of great significance to the application and popularization of cloud computing,which can guarantee the security of data storage,data sharing and user revocation process in cloud computing and reduce the security risks faced by data sharing in the cloud computing environment.In view of the security problem of sharing data in cloud computing,this paper's approach of privacy protection is introduced as the three follows.1)When the data owner stores the shared data in a cloud,the cloud service provider leaks the shared data for some reason,which causes the attacker obtains all the original shared data without authorization.Therefore,this paper proposes a decentralized storage strategy.According to the trust dispersion strategy,the uploaded raw data is split into dynamic data and static data.The encrypted data is encrypted by different algorithm and stored in different cloud servers so that even if one party leaks,the attacker can not obtain the complete data,which reduces the risk of data leakage.2)In the process of data sharing,the ciphertext of dynamic data changes frequently.In order to meet the requirements of efficiency and security more than static data,a flexible and efficient dynamic data encryption scheme is proposed.The unique global identity is assigned to each user's attribute set,which make each user's attribute set become unique and solve the problem of collusion attack.In order to improve the encryption efficiency of dynamic data,this paper adopts the relatively fixed length ciphertext by the method of aggregating the public key related to the access attribute and unified encryption with the user's private key component.3)As the users of data sharing in cloud computing are dynamically changing,it is important to ensure the backward security of user revocation for data security sharing.Therefore,the real-time ciphertext attribute revocation scheme is proposed.The trusted third party generates a key component with a global identity for the attribute set that satisfies the ciphertext access structure and the user private key by combining the key component.When the revocation occurs,the key component of the revocation of user's attribute is updated and distributed to other users who have the same attributes.At the same time,the corresponding re-encryption key is generated to re-encrypt the ciphertext in cloud,thus the real-time ciphertext attribute is revoked. |
PDF Full Text Request