Design And Implementation Of Security Enhanced Cloud Storage Access Control System Based On Attributes

With the rapid development of the technology of the Internet cloud computing,to data storage and sharing for applications and services on behalf of is in the stage of rapid development,due to the service network and the increasingly open and fast,more and more users use cloud storage,network cloud services as data storage and backup tool.In the open network environment,network storage service that third-party service mode exists many security problems,data owners are unable to access the data security control,and present a lot of network storage service take is stored in plain text,and in the physical and logical design,centralized storage node and the central decisionmaking body in the existing technology environment also bear to be concentrated attack possible,for data security and user privacy caused great threat,so need to through some access control measures to ensure that the users of cloud storage of data security and privacy.In this thesis,we design and implement a security enhanced cloud storage access control system which is suitable for cloud storage.The XACML framework and attribute based encryption mechanism together,for the access control in the process of subject abstract attributes set and by the user formulation access control strategy,by the system according to the strategy analysis results of user data of attribute based encryption to protect,encryption will access policies slightly into the access control decision trees into the encryption process,cloud storage for the user to provide a safe,flexible,fine-grained,extensible access control functions.Security analysis and performance test of the system are carried out by the experimental environment.Finally,to verify the scalability and general purpose of the original system,through analyzing the existing problems of the existing micro-blog services,micro-blog public platform access control management prototype system is designed and implemented.Will in the original system of strategy formulation and implementation subsystem expansion for Sina Weibo third party access control applications,microblogging public platform for users to provide a safe,flexible,efficient access control system,the experimental environment.