| The security and privacy protection of data in the cloud has always been a concern,and attribute-based encryption access control scheme can protect this data from illegal intrusion.However,the previous schemes still have defects in privacy protection.It can not achieve efficient policy hiding and rich expressiveness on the server side The revoked user can still get useful information from the access policy by using the revoked attribute.Therefore,this paper focuses on the above problems and proposes the following two solutions:1)Server-side supported access control with fully hidden access policyIn this paper,a server-side supported access control with fully hidden access policy is proposed.We use the chameleon hash function to design an attribute randomization scheme,which can randomize the attributes of each entity and generate corresponding intermediate keys.Based on this,a scheme to transform the access policy into garbled bloom filter is proposed.The intermediate key of each randomized attribute is used to calculate its position in the garbled bloom filter,while the corresponding value is inserted through the(k,k)secret sharing scheme.With the help of randomized attributes of data owners,the hidden access policy can be achieved in server side.2)Access control scheme with access policy privacy protection and updateIn this paper,an access control scheme that can protect private information in access policies when user attribute revocation occurs is proposed.We use one-way anonymous key agreement to design the attribute update components,and calculate the corresponding position in cuckoo filter.At the same time,in conjunction with the above update components,while protecting the privacy of the access policy,an access policy update scheme using cuckoo filter is proposed.When the access policy needs to be updated,the data owner and authorized user update their corresponding parts without re-encrypting the ciphertext,which saves computing overhead. |
PDF Full Text Request