Research On Traceable And Revocable Attribute Encryption Scheme In Cloud Environment

Posted on: 2021-11-11
Degree: Master
Type: Thesis
Country: China
Candidate: Y Zhang
GTID: 2518306050466014
Subject: Computer application technology
Abstract/Summary:

The continuous development of Internet information technology has led a growing number of users to store their data on elastic compute services, which not only lowers local storage and computing costs but also gives convenient access to a variety of high-quality cloud services. For data owners, however, uploading data to the cloud means losing control of it. Untrusted cloud service providers may disclose data for their own benefit, so the security of data in the cloud cannot be guaranteed. As a result, data security in the cloud has become a key factor restricting the development of cloud computing.

Attribute-based encryption enables "one-to-many" data sharing and provides fine-grained access control, which makes it well suited to protecting data confidentiality and security in cloud computing environments. In attribute-based encryption, the secret key and the ciphertext are associated with an attribute set and an access policy; the ciphertext can be decrypted successfully only when the attribute set satisfies the access policy. In practical applications, however, malicious users may leak their decryption private keys and the authorized agency may illegally forge private keys, both of which severely threaten the security of data in the cloud. Key leakage therefore needs to be traced and responsibility assigned. Furthermore, because user permissions change, among other factors, the ability to revoke user access rights is also indispensable in real scenarios. It is therefore of practical significance to study attribute-based encryption schemes with traitor tracing and user revocation.

Based on the issues above and addressing the data access control needs of cloud storage environments, this thesis uses the attribute-based encryption mechanism to design attribute-based encryption algorithms with different performance advantages, and explores user tracing and permission revocation in practical application scenarios. The specific work is as follows:

1. An attribute-based encryption scheme is designed that supports user tracing, user revocation and agency accountability. The scheme manages the users who apply for a secret key by means of an identity table. Inserting an identifier into the private key makes it possible to trace the identity of malicious users. At the same time, a random value kept secret by the user is embedded into the user's private key. Because the authorized agency cannot obtain this random value, it is hard for it to forge a system user's decryption private key, which achieves accountability of the agency. The revocation list adopted by the scheme provides real-time revocation of user access rights. In addition, a re-encryption algorithm is designed to update ciphertexts after revocation. The scheme is proved to be chosen-plaintext secure and traceable in the standard model. Comparative analysis with related schemes shows that the scheme can trace and assign responsibility to both users and agencies, with certain advantages in functionality and efficiency.

2. An attribute-based encryption scheme is designed that supports traitor tracing, outsourced decryption and associated-user revocation. The scheme manages the identities of users in the system by means of an identity directory structure. When a user applies for a secret key, the system selects a unique identifier and embeds it into the key component, which provides the user identity tracing function. The system revokes both single users and associated users by using a revocation list and the identity directory technique. A re-encryption algorithm is designed to update ciphertexts without requiring any update to users' private keys. For performance, outsourced decryption hands part of the decryption computation over to a third-party organization, which greatly reduces the user's local computing cost. The scheme is proved to be chosen-plaintext secure and traceable in the standard model. Comparative analysis with related schemes shows that the scheme effectively reduces both storage and computing costs while retaining its functional advantages, giving it good reference value for practical applications.
Keywords/Search Tags: attribute encryption, cloud computing, access control, traceability, user revocation