Research On Secure And Efficient Attribute Based Encryption In Cloud Environment

In the era of big data,data contains huge commercial value.In order to reflect the role and value of big data,it is necessary to manage the whole process of data generation,storage,processing and sharing.As an emerging computing mode,cloud computing provides powerful computing and storage capabilities,attracting more and more enterprises and individuals to choose to save data to the cloud.However,the outsourcing storage of user data in cloud environment will lead to the separation of data ownership,management rights and use rights.In the case of the cloud service provider is not completely trusted,it is necessary to enhance the privacy security of user data and take into account the efficiency of data access.Attribute based encryption(ABE),as a one-to-many data encryption technology,can achieve fine-grained access control,which is suitable for cloud environment.The data owner of ciphertext policy attribute based encrypt ion(CP-ABE)directly controls his own data,which can further protect the data security in the cloud.This paper takes distributed CP-ABE as the research object,improves its mobility and practicability by improving access policy and user privacy,and red uces the cost of encryption and decryption calculation by outsourcing.Specifically,the main work and innovations of this paper are summarized as follows:At first,in view of the insufficiency of system security and user privacy protection in cloud environment,this paper proposes an Improved Privacy Distributed CP-ABE(IPD-CPABE)access control under cloud storage system.In the scheme,we consider the attribute hiding of the access structure to avoid that the access structure in the ciphertext is visible to the cloud server and the malicious users synthesize the virtual attribute set to steal data.In addition,through the anonymous key publishing protocol jointly executed by users and attribute authorities,the user's decrypted private key is generated to solve the problem of key escrow.In the protocol,hiding the user's global identity(GID)from the attribute authorities makes the user identity information untraceable and enhances the privacy.Furthermore,in order to improve the security of existing CP-ABE schemes,the cost of computation is usually increased.To solve this problem,we propose an Online/Offline Secure and Efficient Attribute Based Encryption model or to say Enhanced IPD-CPABE(EIPD-CPABE)model,which not only realizes high privacy security,but also makes full use of the cloud server to greatly reduce the computing cost.In this way,the online/offline encryption and decryption mode can reduce the computational complexity of the data owner and the authorized use r at the same time,and ensures that they can operate in resource constrained devices with stronger mobility.Based on the advantages of encryption and decryption,the intractable fine-grained revocation problem has been properly tackled.Finally,the proposed scheme is compared with several existing schemes.The theoretical analysis and simulation results show that our scheme has strong security and efficiency,and is very feasible in the cloud environment.