Research On Privacy Preserving Mechanism Of Searchable Attribute-based Encryption In Cloud Storage

Posted on: 2019-04-01
Degree: Master
Type: Thesis
Country: China
Candidate: X Y Yin
Full Text: PDF
GTID: 2348330569978185
Subject: Internet of Things works

Abstract/Summary:
In the era of cloud computing and big data, cloud storage services, as an emerging data management technology, have developed rapidly and enable the management and sharing of massive data resources. They not only save data management costs for users but also technically provide better redundant backup and data recovery for users' data. However, the separation of users from their data in a cloud storage system brings new security threats, and frequent information leaks have triggered a crisis of trust in cloud storage services. Privacy preservation has gradually become the core issue in cloud storage research. Research on attribute-based encryption cloud storage systems is relatively mature, but a cloud storage system with a single encryption mechanism is unable to meet users' new demands. More and more experts and scholars are proposing cloud storage systems with hybrid encryption mechanisms to improve system functionality and, on this basis, to establish a more robust privacy protection mechanism. To achieve both access control and ciphertext search, searchable encryption is introduced into current attribute-based encryption cloud storage systems, yielding a searchable attribute-based encrypted cloud storage system. However, current hybrid encryption systems still suffer from privacy disclosure problems such as leakage of attribute information, disclosure of identity information, and data breaches in the cloud.

First, this paper takes typical cloud storage systems as its research object and divides privacy issues into three categories: content privacy, identity privacy and attribute privacy. We then survey the privacy protection mechanisms of attribute-based encryption cloud storage systems from the aspects of participating entities and revocation mechanisms. Through analysis and comparison, we identify the deficiencies in current privacy-preserving mechanisms and point out directions for further research.

Second, to address the problem that ciphertext cannot be searched in CP-ABE cloud storage schemes, public key encryption with keyword search is introduced into a multi-authority ciphertext-policy attribute-based encryption scheme to propose a searchable CP-ABE privacy-preserving scheme. We optimize the system structure of the hybrid encryption scheme, which achieves access control over users' search permissions and improves the privacy protection mechanism, protecting the search privacy and attribute privacy of system users. To improve the practicality of the system, a direct revocation mechanism is added to realize user revocation. Based on the DBDH assumption, we prove the scheme's security in the random oracle model.

Finally, to promote the adoption of cloud storage in enterprises, we put forward a cloud storage scheme suitable for internal enterprise data sharing. We combine key-policy attribute-based encryption, public key encryption with keyword search, and fully homomorphic encryption over the integers to implement a hybrid encryption cloud storage scheme. The scheme supports direct revocation of users. The hybrid cloud structure, composed of a public cloud and a private cloud, improves the security of the system: it not only protects the privacy of attribute information and identity information but also performs pre-decryption for users, reducing their decryption overhead. The analysis shows that our scheme is more secure and practical.
Keywords/Search Tags: cloud storage, privacy preserving, attribute-based encryption, searchable encryption, direct revocation