
Research On Searchable Encryption Scheme For Multi-User Data Sharing

Posted on: 2019-07-02
Degree: Master
Type: Thesis
Country: China
Candidate: L M Tan
GTID: 2428330566960765
Subject: Software engineering
Abstract/Summary:
With the rapid development of cloud computing, more and more people store their data in the cloud. Given the security and privacy issues of data storage in the cloud, data encryption is crucial. However, the availability of encrypted data becomes a problem for users. Searchable encryption is an important technology for ciphertext retrieval in the cloud, but current searchable encryption schemes are mostly limited to data-exclusive scenarios and cannot meet the needs of multi-user data sharing in the cloud environment. Therefore, starting from the requirements of multi-user searchable data sharing, this paper conducts in-depth research on existing schemes, considers the data search scenarios of different users, and designs searchable encryption schemes that are more in line with the cloud computing environment and have practical significance for data sharing scenarios. The specific research content is as follows:

1. To address the problems of access control, key management, and inefficiency in existing multi-user searchable encryption schemes, and taking into account the scenario in which users authorize access autonomously, this paper constructs an efficient user-authorized data sharing searchable encryption scheme. The scheme uses the cloud server as a user manager to manage the keys of the system's users. Data users generate trapdoors with their own private keys, eliminating the need to search for key shares, reducing the potential risk of key leakage, and enabling a single search token to complete searches over all documents. The scheme combines identity-based broadcast encryption and user identity authorization lists to achieve dual access control for user-independent authorization. The data owner only needs to encrypt a shared document once, the size of the ciphertext is fixed, and it is not necessary to distribute the decryption key online, which makes data sharing highly efficient. Users save a pair of private keys to complete system file sharing and access, simplifying the user's key management. The security of the scheme is proved through analysis. The efficiency and performance of the scheme are also analyzed and compared, showing that the scheme is suitable for multi-user searchable data sharing scenarios with autonomous authorization.

2. For dynamic user management in multi-user searchable encryption schemes, combined with the scenario requirement of fine-grained user access, this paper analyzes the security risks caused by user revocation. Building on the previous scheme, the paper proposes a fine-grained, authorization-revocable data sharing searchable encryption scheme. The scheme implements fine-grained revocation of user access rights: the data sharer can autonomously decide to revoke a user's access to a specific document without affecting that user's search over other authorized documents. A dual revocation mechanism is implemented by updating both the authorization list and the ciphertext to ensure the confidentiality of the data. At the same time, unrevoked users do not need to update their keys. The cancellation process is outsourced to the cloud server, reducing the local overhead of the data owner. Comparison with existing schemes shows that our scheme effectively solves the problem of dynamic revocation of user access rights.
Keywords/Search Tags: cloud computing, data sharing, searchable encryption, independent authorization, revocable