Research And Implementation Of Secure Data Sharing Based On Attribute Encryption

The explosive data growth in the context of big data has promoted the development of data-outsourced cloud storage services.Although cloud storage has the advantages of easy access,resource sharing and cost reduction,it has caused the separation of data ownership and actual control,and users cannot directly control the outsourced data physically,which increases the risk of user privacy data leakage.Attribute-based Encryption(ABE)technology embeds the attributes of authorized users and the conditions for decrypting into the user’s private key and ciphertext,which can be decrypted only when the user attributes satisfy the decryption conditions.Attribute-based encryption can reduce the user management burden of the encryptor,and has the features of flexible control,strong security,and user privacy protection,which makes it one of the effective methods for secure data sharing schemes in cloud storage,and is also a hot research topic in recent years.Existing attribute-based encryption schemes rely on bilinear pairwise operations,however the encryption and decryption overheads are large and cannot be applied to resource-constrained end devices.To address this problem,this paper proposes a secure and efficient multi-authorization attribute-based encryption scheme that supports LSSS(Linear Secret Sharing Scheme)access structure,which uses elliptic curves instead of bilinear pair operations with smaller computational overhead,and achieves attribute revocation by introducing attribute group keys.Under the standard model,based on the assumption of Diffie-Hellman problem,this scheme has the indistinguishability of selecting plaintext attacks(INDCPA)and can resist conspiracy attacks,and has forward security.The experimental results show that the proposed scheme in this paper has efficient encryption and decryption performance with low communication cost.The application-centric cloud storage model leads to ineffective sharing of users’ personal data among applications,and bring difficulties for users to migrate their identity information and private data among multiple applications.To address the data sharing problem among applications,this paper constructs a data sharing container based on the above-mentioned attribute-based encryption scheme,Semantic Web and blockchain technologies,which provides a common identity in the network using WebID-TLS protocol,organizes and describes data using Linked Data Platform standard and RDF,a resource description framework,and supports complex data query based on SPARQL technology.Applications store and access personal data in the container when authorized by the data sharing container,therefore data sharing is achieved by licensing the data sharing container to multiple applications.The container uses attributebased encryption technology to protect the private data stored in the data sharing container,and the authorization of the container,traceability of malicious operations,and data integrity verification are realized based on blockchain technology.To validate the proposed scheme,the smart contract function test and system workflow test of the data security sharing container are conducted through scenario hypothetical experiments,and the experimental results show that the data sharing container can achieve the established functions.