| Recently,the development of cloud computing has been very rapid,and the number of users has doubled.Cloud computing is considered to be the third revolution after the microcomputer and the Internet.With the widespread use of cloud computing,the ensuing cloud security issues constrain its development.At present,there are the following security problems in cloud services: cloud service providers are not completely trusted,and they may access user data because of interest;privacy protection issues for users in the cloud platform and system vulnerabilities of cloud platforms lead to leakage of confidential data of users.The security problem of cloud computing seriously affects its development.How to solve the cloud security problem has become a research hotspot in the scientific community.At present,access control technology is an effective means to solve cloud security problems.The attribute-based encryption(ABE)scheme extended by the base attribute access control is widely used in the cloud environment.In the CP-ABE scheme,legitimate users in the system are given certain attributes when registering,and the data belongs to the owner.An access policy is formulated based on system attributes and can only be decrypted if the user attribute satisfies the access policy.Applying the CP-ABE solution to the cloud environment effectively protects the confidentiality and security of the data.However,the traditional CP-ABE solution has many problems,among which the single authorization center leads to low cloud environment load rate,low fault tolerance and system bottleneck problem;the dynamic nature of the cloud environment causes user attributes to change frequently,resulting in user attribute revocation.The problem;and its heavy computational overhead,the CP-ABE solution cannot be directly applied to resource-constrained devices,which restricts the application scenario of CP-ABE.Based on the traditional CP-ABE algorithm,this paper studies the two directions of outsourced CP-ABE and verifiable multi-authorization CP-ABE.The main research contents include:(1)The heavy computational overhead for the standard ABE mechanism and the inability to meet the data owner's need to dynamically and efficiently modify user access rights.A fully outsourced CP-ABE scheme is proposed to support attribute revocation.The algorithm steps with heavy computational complexity in the CP-ABE algorithm are completed by the third-party cloud server,and the key generation center(KGC)and the user's computational overhead are reduced,and a key ciphertext update method is provided to achieve Fine-grained revocation of user attributes.(2)For the multi-authorization ABE scheme,the user's final key is integrated through the private key generated by each authority.When the user attribute satisfies the access structure but cannot be successfully decrypted,it is necessary to verify the private key and verify the correctness of the intermediate ciphertext.A verifiable multi-authorization CPABE scheme is proposed.The verification algorithm is used to verify the user's private key and ciphertext,and it is necessary to re-generate the secret key and verify the correctness of the outsourcing calculation when the legitimate user cannot successfully decrypt. |
PDF Full Text Request