Research On Description Of Access Control Elements Based On Proxy Re-encryption Under Hybrid Cloud

As one of the primary forms of cloud computing in recent years,the hybrid cloud has the advantages of strong data interaction and resource automation.It is convenient to deal with different kinds of computing targets and data requirements by the deployment of private cloud and public cloud.However,hybrid cloud computing also faces new security problems while providing convenient services for Internet users,such as secure management,privacy protection,and access control,etc.Due to the complicated composition and deployment characteristics of the hybrid cloud,the data is generally calculated in the form of ciphertext.Researches on access control technology need to focus on ciphertext and multi-factors.Facing the characteristics of fast change and substantial resource expansion in the hybrid cloud environment,how to design the corresponding factor description strategy for ciphertext access control,and ensure the security of user data while taking into account the advantages of hybrid cloud is of great importance.Moreover,data will be migrated in different cloud serves for user requirements or system backup,and it is also a challenge that is describing access control factors dynamically to achieve the dynamic adjust of access control policies.Therefore,given the above problems,this paper studies description strategies for access control factors in the hybrid cloud.The specific work is as follows:(1)Aiming at the description of complicated factors in ciphertext access control,this paper proposes a proxy re-encryption scheme that supports the extensible description of access control factors under the hybrid cloud.First,we introduce proxy re-encryption(PRE)into hybrid cloud computing to deploy private cloud servers and public cloud servers and establish a system model based on PRE access control in the hybrid cloud.Secondly,we design a proxy re-encryption algorithm containing complicated multi-factors and an XML based scalable description strategy,and weights are assigned to multiple factors to optimize the flexibility and extensibility further.Finally,we execute the security and performance analysis of the scheme by simulation experiments.(2)Based on the above research,this paper proposes proxy re-encryption schemes that support the dynamic descriptions of access control factors in the hybrid cloud.Firstly,we design a complete system model for the application scenario of data migration according to user requirements and divides the dynamic lifecycle for data in our model.The lifecycle management center adjusts the access control strategy and feedbacks the result parameters for dynamic description.Secondly,we design the description structure and the process protocol algorithm for dynamically adjusting the access control policy with the lifecycle as the core.Finally,we execute the security and performance analysis of the scheme by simulation experiments.Through the experimental results,it is not difficult to find that the schemes proposed in this paper optimize the description mechanism of access control factors,and makes the multifactor access control oriented proxy re-encryption scheme more suitable for the hybrid cloud environment.Besides,they reduce the computational overhead caused by property updates and enhance the flexibility of the dynamic description.