Research On Blockchain-Based Fine-Grained Access Control Scheme For Cloud Data

The rapid development of cloud computing has made cloud data security one of the most concerned issues.Access control is an effective means to achieve secure sharing of private data by formulating access rules to manage user access rights.However,the traditional centralized access control model using public key encryption has defects such as low access efficiency and poor security,which can no longer meet the needs of current practical applications.To solve this problem,this paper combines Ciphertext-Policy Attribute-Based Encryption(CP-ABE)technology and blockchain technology to study the cloud data access control scheme.CP-ABE can provide fine-grained access authorization for encrypted data and play an important role in data outsourcing and secure retrieval.Blockchain can replace semi-honest third parties to provide more guarantees for fair access to data.The research work of this paper mainly includes the following points:(1)An attribute-based encryption scheme based on blockchain and supporting outsourcing computation is proposed.The scheme uses the improved CP-ABE algorithm to support fine-grained access to cloud data under policy hiding to prevent the leakage of privacy attributes.Proxy encryption and decryption computation are introduced to reduce the user’s computing power consumption.The decryption test is added to verify the correctness of the proxy decryption.In addition,the combination of blockchain technology and IPFS achieves the secure distributed storage and fair authorization of data ciphertext.Security analysis and experimental results show that the scheme can ensure the security of confidential cloud data during access and reduce the cost of encryption and decryption for users.(2)In order to realize the secure search of ciphertext data,a searchable encryption scheme based on blockchain and supporting authority change in cloud environment is proposed.The scheme realizes the single-keyword search of metadata ciphertext in the public blockchain environment,and realizes attribute revocation by updating key parameters.In addition,an audit contract is designed to constrain user access behavior,which realizes the fairness and dynamics of user access authorization.Security analysis shows that the scheme can resist chosen plaintext attack and keyword guessing attack.Theoretical analysis and experimental results show that the scheme has high computing efficiency and storage efficiency.(3)In order to solve the problem of single authorization performance bottleneck and search function limitation in cloud data access,an attribute-based sorting search scheme based on blockchain and supporting multiple authorizations is proposed.The scheme uses a multi-authorization mechanism to reduce the computational burden of the system,and at the same time realizes multi-keyword secure search of ciphertext data on the blockchain.In addition,the introduction of vector space model and TF-IDF weighting technology realizes the ranking of search results and improves the search efficiency and accuracy.Security analysis and simulation results show that the scheme can resist chosen plaintext attack and keyword guessing attack,and has low communication and calculation overhead.