Application Research Based On CP-ABE Cloud Storage Access Control Technology

In recent years,cloud computing has been rapid development,the applications of cloud storage are more extensive.However,at present,there are mainly the following security issues in the cloud service: user identity privacy protection and data security storage issues in the cloud platform,which cause users to worry about cloud service security issues.In addition,cloud service providers often suffer from system vulnerabilities or other issues,which lead to the disclosure of the user's private data.So users are afraid to use cloud storage.Therefore,how to protect the security of user data has become a hot issue for cloud storage researchers.At present,the important research direction of protecting data resources in cloud storage is data access control.Attribute-based access control technology becomes a hot spot to solve cloud storage resource access control.In this thesis,firstly,an access control scheme of constant-size key and ciphertext is given.This scheme is based on the difficulty of traditional RSA algorithm.To minimize the use of bilinear operations,this thesis uses the access structure of the AND gate.The scheme abandons the idea of using the symmetric key to encrypt the plain text by using the Exclusive OR operation.So the scheme realizes the encryption operation and user revocation function of constant-size key and ciphertext.And the encryption and decryption overheads are relatively small,which is suitable for a scenario that a mobile portable device is used to access cloud storage resources.Next,in order to solve the complexity of user and attribute revocation and the instability of a single authorization center,attribute-based access control scheme is improved once again on the basis of the previous innovation point,which realizes the multi-attribute authorization centers with users and attribute revocation.The access control scheme of the authorization center manages the system attributes.Each attribute authorization center does not interfere with each other.The version number is used to control the withdrawal of attributes,and the scheme can be effective to solve the collusion attack.Comparing with other comprehensive access control programs,the overall function of the program have been optimized for lightweight device access control.