Research On Data Security Based On Attributes In Cloud Storage

With the rapid innovation of the Internet technology,in order to solve the increasing amount of information on the Internet,scholars propose that a new Internet service is cloud computing,namely cloud computing.On the basis of cloud computing,cloud storage service is put forward.Cloud storage service can not only achieve massive and efficient data storage and provide users with a service of ondemand storage,but also ensure that users can read and share resources anytime and anywhere.However,cloud storage service provider is not trusted.When users lose physical control of data,they are worried about the security and efficient access of data.Therefore,how to ensure data integrity,data confidentiality and privacy security in cloud storage system has become an urgent problem.On the one hand,in the existing audit schemes for data integrity,some schemes are based on the public key infrastructure and processes of certificate management are quite complex.To solve the above problems,scholars propose identity-based cryptography.However,the above schemes only are suitable for static data,and obviously not applicable to real scenarios.On the other hand,in the access control of ciphertext data,when the data is encrypted,the access structure may involve the privacy issues.For the existing schemes with privacy protection function,they only utilize a single authority,which will cause the computation burden of the private key generated by the authority.Therefore,how to ensure the privacy security and flexibly control access is the focus of our research.In view of the above shortcomings,the following solutions are proposed:(1)We propose the fuzzy identity-based dynamic data integrity auditing scheme.We adopt fuzzy identity-based signature technology,which avoids the issuing and destroying of certificates and simplifies the key management.In addition,the scheme combines structures of the merkle hash tree and index logic table to realize the dynamic operation(i.e.,modification,insertion,deletion).Finally,the security of this paper is analyzed,and the efficiency of this dynamic structure is proved by experiments.(2)We propose an online/offline multi-authority attribute-based encryption scheme with hidden policy.We use the attribute-based encryption technology to realize the secure access control of cloud data.However,users have different attribute categories,so we introduce multiple attribute authorities to ease the computation pressure of the single authority.Embedding access structure in ciphertext may disclose the privacy information,therefore,an encryption scheme with the function of hiding policy is constructed to ensure the secure access to the ciphertext data and the privacy security.Finally,we prove the security of the scheme under the standard model,and illustrate the advantages of this paper in function and performance,respectively.