
Research On Attribute Encryption Algorithm For Cloud Storage Access Control

Posted on: 2019-11-16
Degree: Master
Type: Thesis
Country: China
Candidate: J N Li
GTID: 2428330593450274
Subject: Computer technology
Abstract/Summary:
With the rapid development of cloud computing technologies, cloud storage has become a new type of storage model and is commonly used by enterprises and individuals. However, when data is stored by the cloud server, the data owner loses the authority to manage the data, which may allow a malicious or unauthorized user to access or modify the sensitive data in some way. Although access control technology can effectively protect the privacy of users and data, traditional access control methods are difficult to apply directly to cloud computing environments. The research shows that Attribute-Based Encryption (ABE), a novel public-key encryption algorithm, is suitable for constructing access control schemes in a cloud computing environment. An access control scheme based on this algorithm is very expressive and can implement fine-grained access control on data. It is one of the important technologies for dealing with data security problems in a cloud computing environment.

At present, the problems of access control schemes based on attribute encryption mainly focus on the following aspects. First, the computation and communication costs of permission revocation are large. Because of dynamic changes of the access policy and the revocation of privileges, changes in dependencies or attributes increase the difficulty of designing the revocation mechanism, and the overall performance of schemes that support revocation is poor. Second, access policies leak private information. Access policies embody the privacy of the data owner. Sometimes the access policy itself may be sensitive information, and it also brings about the leakage of user and data privacy. Third, keys are abused and it is difficult to assign blame. Because the user key is related only to the user's own set of attributes, and not to any definite identity information, the user identity cannot be accurately traced. In addition, private key generation centers may also authorize illegally. Therefore, the difficulty in preventing the misuse of the key lies in the inability to ascertain which user or private key generation center is responsible.

In view of the above issues, this article has conducted in-depth research on ABE-based access control solutions. The main work includes the following parts.

(1) First, we propose a more efficient and fine-grained access control scheme. In the encryption process, an attribute user group random key distribution method is constructed, user revocation is converted into fine-grained revocation at the attribute level, and dual encryption is realized in combination with the phase encryption. Since data is stored in the form of ciphertext in the cloud server, the security restrictions on the cloud server can be relaxed, and most of the re-encryption tasks can be performed using its computing power. A performance comparison with other typical schemes shows that this scheme has obvious advantages when authority is revoked, and that the access strategy has richer expressive capabilities.

(2) Second, an outsourced encryption scheme with a more efficient hidden access strategy is proposed. In the encryption process, the value of the attribute is generalized. By hiding some of the subset values, the effective ciphertext and the ineffective ciphertext are made indistinguishable, thereby achieving the purpose of hiding the access strategy without excessively increasing the system computation overhead. In addition, outsourcing the decryption calculations on the ciphertext reduces the computational burden on the user side, greatly improves the decryption efficiency, and is more practical and effective in actual scenarios.

(3) Finally, based on the previous plan, we propose a signature-authenticated traceable attribute encryption scheme. The innovation of this solution is to meet the requirements of security and traceability of key management in a cloud computing environment. The signature authentication protocol guarantees the unforgeability of the identity signature in the user key and is used to disclose the identity, so that the identity of the key person can be effectively tracked and the party responsible for the key leakage can be verified and judged.
Keywords/Search Tags:Cloud computing, Attribute-based encryption, Access control, Revocation, Strategy hiding, Traceable