Attribute-based Outsourcing Access Control Scheme And System In Cloud Computing

Nowadays,application-driven cryptography technology is the mainstream research direction in academia and industry.With the rapid development of information technology,cloud computing has become an important direction for the future information technology.As a basic service of cloud computing,cloud storage can provide approximately infinite storage capacity and computing power.At the same time,mass data needs more and more storage space.And the security of the data stored in the cloud has become the core issue of users.To ensure data security and flexible access control,we require further research the security requirements of cloud storage.So,access control in cloud storage is an important research direction.In this paper,we firstly study the attribute-base encryption scheme(ABE),and provide the efficiency improvement of the ABE scheme.In the application of cloud computing,the mechanism of offline/online and outsourcing computing is provided.At the same time,the flexible and efficient CP-ABE scheme is constructed.Then,the scheme is realized and the access control system in cloud storage is built based on the algorithm in order to verify the correctness and efficiency of the scheme.Finally,the access control system was developed,tested and deployed on the cloud storage platform of the Guangdong Provincial TCM Hospital.And its commercial application value was realized.The specific work has the following aspects:1)In view of the fact that the CP-ABE scheme is inefficient in practical applications,especially in the key generation and data encryption.In this paper,based on the classic CP-ABE scheme proposed by BSW,the key generation and data encryption phase using the offline/online mechanism,and the system resources in the free time period are rationally utilized.It can effectively avoid the wrong operation for the key management center.At the same time,the online / offline mechanism also greatly reduces the computational pressure of data owner in the phase of data encryption.In this paper,the performance comparison and analysis of the classic scheme are also carried out.The results show that the scheme has obvious advantages in key generation and data encryption.2)In this paper,the outsourcing decryption mechanism is introduced.And the flexible and efficient fast CP-ABE scheme is constructed based on the offline/online mechanism used in key generation and data encryption.The scheme realizes the purpose of fast decryption and improves the efficiency of the system.It is particularly suitable for the mobile terminal users with limited computing resources.At the same time,the scheme has been proved and analyzed from two aspects of security and efficiency,and verified by experimental simulation.Compared with the data decryption of the classical CP-ABE,the results show that the efficiency of the end-user in the decryption process is greatly improved.3)In this paper,based on the flexible and efficient fast CP – ABE scheme,combined with the characteristics and deployment environment of the cloud storage platform in Guangdong Province TCM Hospital,the scheme model and system architecture are provided to design the cloud storage access control system.And the proposed access control system is both correct and feasible.4)Under the Windows platform,the cloud storage access control system is developed and implemented by using the Java language.At the same time,the system was deployed to the cloud storage platform of the Guangdong Province TCM Hospital.The system has passed the test and on-line operation,which reflects the commercialization value of the scheme.