The Research On The Access Control Technology Based On Multi-Authority ABE In Cloud Storage

With the rapid development and popularization of cloud computing and cloud storage,its security performance has attracted much attention.In particular,therefore,how to ensure the security of data information in the cloud storage environment and achieve fine-grained,flexible access policies are key issues that need to be resolved in the field of cloud security.In order to solve these problems,this paper takes the data sharing system under the multi-agent coexistence environment in cloud storage as the research object,adopts the attribute-based encryption(ABE,Attribute-based Encryption)method,and studies the multi-agent data encryption and rights management methods.The distributed multi-agent attribute encryption scheme(DMA,Decentralized Multi-Authority ABE)and user authority revocation methods enable secure data encryption and sharing and efficient revoke of permissions in cloud storage.The content of this research mainly includes the following aspects:Firstly,the research background and research status of attribute-based encryption are briefly introduced.The multi-subject attribute-based encryption scheme and attribute revocation mechanism are studied and analyzed in depth.It compares and summarizes the performance,advantages,and disadvantages of existing solutions.Secondly,a new cryptographic access control scheme DMA based on multi-authorized organization ABE is proposed for the security threats of single-authorized organization and central authority(CA)in attribute-based encryption.By establishing a decentralized authorization structure,each part of the key component is generated by the attribute authority(AA)and the data owner(DO,Data Owner),eliminating the security risks introduced by the CA and preventing users and authorizations.Joint attacks between agencies.Using the bilinear decision Diffie-Hellman(DBDH)hypothesis and experimental verification,the safety and effectiveness of the scheme are verified from the theoretical analysis and the implementation perspective.Thirdly,an efficient property revocation and user revocation scheme is proposed for the rights management of the DMA scheme.The scheme can implement fine-grained access control and authority revocation.Under the premise of guaranteeing data security,most of the simple operations are transferred to the CSP side by introducing proxy re-encrypt ion,which greatly reduces the computational cost of the data owner and minimizes the participation and workload of AA in privilege revoked.Finally,it is experimentally verified that the proposed method has higher efficiency in attribute revocation and user revocation compared with similar algorithms.At the same time,this solution can achieve data confidentiality,resist joint attacks,and provide forward and backward security.