Research On Hierarchical Data Access Control Scheme Based On Multi-Authorities In Cloud Environment

With the rapid development of cloud computing technology and the advent of the mobile Internet era,more and more enterprises and individuals are storing data in the cloud environment and sharing data.Because the cloud service provider is not completely trusted and the cloud server is vulnerable to attacks,users usually need to encrypt data and develop access control policies to ensure the security and availability of data.How to design a secure,efficient and flexible access control scheme in the cloud environment has become a hot topic in academia and industry.The existing access control schemes in the cloud environment do not consider that the access structure of multiple data files has hierarchical relationship,and each file needs to be encrypted separately to achieve access control requirements,resulting in large computing and storage costs;In addition,most access control schemes only have one authorized institution,which requires high security and reliability of authorized institutions.It is difficult to cope with the growing amount of data and the decreasing fault tolerance rate in the cloud environment.In order to solve the above problems,this thesis proposes a hierarchical data access control scheme based on multi authorized institutions in cloud environment based on attribute based encryption technology and blockchain technology.In this scheme,a hierarchical attribute base encryption algorithm is designed.For multiple data files with hierarchical access structure,the data owner only needs to formulate an access control strategy and conduct one encryption operation,which can make the visitor decrypt part of the files when meeting some access conditions,and get all the files when meeting all access conditions.This feature greatly reduces the encryption and decryption time of the algorithm.At the same time,a key management method based on blockchain is designed,which can make all authorized institutions distribute the private key honestly and in parallel,and improve the efficiency of authorized institutions.Security analysis shows that the scheme can effectively protect data confidentiality,resist collusion attack,achieve fine-grained data access control and safely complete private key distribution.Performance evaluation shows that this scheme has significant advantages over the existing schemes in terms of private key generation,encryption and decryption time,private key and ciphertext storage overhead.