| Due to the development of Internet of Things technology and mobile computing technology,more and more data is generated from various sources(smart phones,sensors,social networks,etc.).For these data,traditional computer systems cannot be stored and processed on a large scale.Because of its flexible and flexible computing resources,cloud computing is naturally suitable for storing and processing big data.Through cloud computing,users can post their own information data(such as photos,audio,video,etc.)online,and share this information with other users through the cloud server.After the user uploads the data information to the cloud server,the cloud data has exceeded the user's expected level of control.More importantly,cloud servers are not fully trusted by users,which makes access control more challenging.Attribute-based big data access control plays an important role in protecting private data and preventing sensitive information from leaking.However,in the face of the current PB-level data volume and complex and variable attribute environment,the access control model cannot guarantee that the access policy is not leaked.In response to this problem,this paper proposes an attribute encryption scheme based on policy update.The innovations are as follows:(1)Policy update: The random number sequence is used to exchange the row elements and the column elements of the policy matrix respectively to ensure that the policy attribute matrix of the user is different each time,which reduces the probability of the access policy leakage,thereby effectively protecting the user's privacy.(2)The single-authorization center work in the traditional CP-ABE solution is transformed into multiple authorization centers,and since the authorization center is completely trusted,there is no need to worry about the authorization center being attacked or damaged.(3)Attribute filter: The encryption stage builds the attribute Bloom filter,which binds the attributes involved in the access policy and their corresponding line numbers to the access matrix;when the data visitor decrypts the data,it should first run the ABF query subroutine.Check if the attributes they have are in the access matrix and then decrypt the ciphertext based on the decrypted mapping function.(4)In addition,the strategy update algorithm proposed in this paper is deployed on the cloud server,which does not require data visitors to have redundant data overhead,which saves time and avoids excessive communication overhead.Finally,through the comparison of theoretical analysis and simulation experiments,it is concluded that the proposed scheme can meet the needs of protecting user privacy in big data environment. |
PDF Full Text Request