Research On Fine-Grained Access Control In Mobile Cloud

With the rapid development of mobile internet technology,intelligent terminals of different types and functions grow exponentially.Because of their limited battery capacity,relatively insufficient storage space and weak computing capabilities,they always come across some dilemmas.Therefore,the new technology is urgently needed to resolve the current problems.Mobile Cloud Computing inherits the advantages of mobile networks and cloud computing,which can effectively reduce the computing and storage overhead of mobile and intelligent terminals.However,there are many security issues to be handled in mobile cloud computing,and one of the problems is about data security.Safe and reliable access control mechanism is an important approach to ensure data security.In this paper,we study the access control mechanism in mobile cloud environment based on Attribute Based Encryption(ABE).The two objects in ABE,namely,ciphertext and decryption key,and the two processes,encryption and decryption,are the main research content.For different security requirements in mobile cloud environment,three access control schemes are proposed to form a complete set of access control solutions.First,a multi-conditional access control scheme based on ABE is proposed.In a mobile cloud environment,users can frequently operate data anytime and anywhere.In the traditional solution,there is a defect that an access policy is bound once.Aimed at this problem,a multi-conditional attribute encryption scheme based on CP-ABE is proposed to enhance the ability to express the access policy.End-users are allowed to add or remove their own access policies and specify the conditions.Secondly,a traceable access control scheme supporting the key delegation and the ciphertext delegation is proposed.In view of the problem of illegal users in the mobile cloud environment being difficult to trace back,the traceability is added to the original scheme,which effectively traverses the keys that can not be distinguished and reduces the possibility of illegal operation by users.This allows the system to efficiently allocate keys to users and effectively prevent illegal key delegation on the user side.In addition,users can flexibly change access policies to improve system efficiency and increase system flexibility.Finally,a reliable and secure collaborative CP-ABE is proposed.Aiming at the characteristics of the users in the mobile cloud,we make full use of the limited computational power of the mobile terminal to disperse the computational overhead and improve the encryption efficiency on the user side without hiring additional servers.In the encryption process,to achieve the purpose of privacy protection,the crucial access control information is hidden by bloom filter.In addition,it provides a complete verifiable decryption outsourcing method,the encryption and decryption overhead are dispersed and transferred.For each scheme,security analysis and the necessary game proofs are provided,detailing the types of attacks that can be defeated.Through the simulation experiment,this paper clearly demonstrated the performance and efficiency of the three schemes.The next step is to design and develop a complete mobile cloud access control system based on the three scenarios mentioned.