
Research On Dynamic Access Control Strategy Of Cloud Storage Data Based On Attributes

Posted on: 2022-02-19
Degree: Master
Type: Thesis
Country: China
Candidate: P Long
Full Text: PDF
GTID: 2518306566469134
Subject: Computer Science and Technology
Abstract/Summary:
Cloud storage is regarded as an extension of cloud computing. It not only meets the dynamic need to use and retrieve stored data at any time, but also effectively reduces the resource overhead of storing data locally, which leads a large number of users to choose cloud storage as their preferred data storage method. However, the data is managed by the cloud, which is regarded as a third party. Whether the user's identity is safe, whether the data is accessed by legitimate users, and whether the cloud manages, shares and uses the stored data in accordance with regulations are all open questions, and as a result users doubt the reliability of cloud storage access control. Furthermore, the volume of duplicate data in the cloud is huge, leading to large unnecessary consumption of cloud storage resources. To address the issues above, this study focuses on access control strategies for cloud storage data. Specifically, the research contents are as follows:

1. An attribute-based anonymous communication protocol between user and cloud. Commonly used access control policies currently offer only a few solutions for anonymizing user identities, which makes user identities extremely easy to disclose in public. Thus, this thesis designs a secure anonymous protocol in which the user and the cloud participate, using the characteristics of homomorphic computing. This protocol resists quantum computing attacks, thereby effectively improving the security of user identity and broadening the application scenarios of cloud storage.

2. An attribute-based low-storage access control strategy. When large volumes of data are continuously stored in the cloud, duplicate data consumes a huge amount of additional storage resources, resulting in low utilization of cloud storage. At the same time, common query-matching access control solutions struggle to meet the current practical requirement of rapid access authorization for large-scale data. In this respect, when the uploaded data is judged to be a duplicate, this chapter shares the download right certificate corresponding to the data in cloud storage and dynamically adjusts the random vector to realize the safe grant of the user's download right. Compared with the query-matching access strategy, this strategy completes the proof of ownership by directly calculating and verifying the result of an inner product, which effectively improves the efficiency of granting access permissions.

3. An attribute-based dynamic permission transfer strategy for cloud storage. When an authorized user shares cloud data with other users, if the download right is transferred directly without obfuscation, the right may be passed on indefinitely, exposing the user's download right to the hidden danger of illegal intrusion. To make the transfer of the user's download right both convenient and controllable, this chapter dynamically adjusts the random vector of the download right by merging and updating the user's attribute set according to the attribute category between the authorized user and other users. While ensuring security, this thesis realizes the safe transfer of the authority, which effectively reduces the amount of calculation and communication in the processes of obtaining download rights and proof of ownership.

The innovations of this article can be described as follows:

(1) Using the computing feature of homomorphic encryption, a secure anonymous interaction protocol between user and cloud is designed based on user attributes.

(2) On the basis of the anonymous protocol, the inner product predicate scheme is introduced so that calculation replaces query in the proof of ownership. To some extent, this effectively improves the efficiency of access authorization and the utilization of storage space.

(3) Based on the low-storage access strategy, we have designed an access control strategy that can safely transfer permissions.

Compared with mainstream access control methods, our access control strategy focuses on balancing the relationship among user privacy, access authorization efficiency, and storage performance. We have achieved security of user identity privacy and dynamic allocation of download rights, and improved access functions such as authorization efficiency and cloud storage space utilization. Thus, our method can assist cloud administrators in the dynamic allocation or transfer of permissions for legal group users and ensure the controllability of permission transfer, which can better promote cloud storage technology and cryptographic technology, and has certain practical application value.
Keywords/Search Tags:cloud storage, access control, inner product predicate, the base of attributes, proof of ownership