With the rise of cloud computing and big data technologies, new technologies such as edge computing, data mining, and cloud storage provide users with cloud services for data sharing and computing. However, the data sharer loses physical access control over the data after uploading it, so security and privacy during data sharing have become a serious challenge. Research shows that data leaks are probably caused by incorrect database operations, which points to complex accessed data and coarse-grained access control, as well as a lack of unified supervision and auditing. Therefore, establishing unified access authority authentication and real-time observation of user authorization and dynamic access behavior is an urgent problem.

Blockchain is a decentralized distributed ledger with trusted storage, traceable data, and consistent consensus, and it can provide distributed data sharing and authorization supervision services for cloud data sharing. For distributed attribute key generation and dynamic access control based on attribute encryption, blockchain smart contracts are automatically programmable, capable of intelligent calculation, observable, and verifiable, which offers new ideas for blockchain access control. However, given the customization requirements of data sharing and the transparent storage of blockchain, existing solutions still need further research, in particular on their data privacy and computational complexity. This paper designs solutions for authorization privacy and security in a distributed access control environment and for the underlying privacy protection of blockchain.

The main innovations of this paper are as follows:

1. A blockchain privacy protection model that supports targeted authorized users, the STAU-BPP model, is proposed. It uses secure, credible blockchain technology and access control technology based on ciphertext policy, and targets the low reliability of centralized third-party authorization in access control systems under a distributed cloud computing network. The STAU-BPP model helps supervise user behavior and the complex authorization environment, and flexibly supports user authorization and sharing requirements in any security domain while satisfying regulatory requirements. At the same time, because the number of merged attributes can be reduced when constructing the scheme, the scheme reduces the access control cost of a fine-grained and complex authorization environment.

2. A blockchain privacy protection algorithm based on multi-signature and confidential computation, called MASCC, is proposed. It uses address obfuscation, multi-signature technology, and homomorphic cryptographic primitives to protect user privacy on the blockchain. The algorithm supports a balance hiding mechanism based on Pedersen commitments, builds confidential computing on smart contracts, and uses a non-interactive zero-knowledge proof (NIZK) scheme to verify the correctness of the balance and ensure that data is constructed correctly. The dual function of the blockchain prevents computing nodes from stealing user data, thereby realizing confidentiality and trusted sharing of data in an open and transparent blockchain scenario. At the same time, this scheme signs multiple transactions to ensure the anonymity and unlinkability of the blockchain. Since smart contracts are automated and programmable tools, this solution can efficiently, safely, and reliably verify the correctness of encryption results, and it uses cloud computing outsourcing to accelerate encryption and decryption, improving the efficiency of the system.

3. A blockchain security data management system that supports directional authorization is proposed. First, we carry out the overall design of the system, describing a multi-level architecture from four perspectives: physical architecture, logical architecture, technology selection, and database table design. We then design the underlying blockchain network, the privacy protection module, and the upper-layer application. The system implements a blockchain network interface, user registration and identity authentication, IPFS node management and file uploading, data uploading and encryption with privacy protection, data authorization with privacy protection, and access control supervision with privacy protection and traceability.

Results show that the system can perform directional authorization and has good operating efficiency. At the same time, the MASCC algorithm can effectively protect user privacy and transaction security, and realize ciphertext calculation and secure data sharing on the chain.
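The balance hiding based on Pedersen commitments that the abstract mentions rests on the commitments being additively homomorphic, shown here as an added illustration that is not the thesis's MASCC code. The toy group parameters `P`, `Q`, `G`, `H` and all function names are assumptions constructed for this example.

```python
import secrets

# Toy parameters constructed for this example; far too small for real use.
P = 1019  # safe prime, P = 2*Q + 1
Q = 509   # prime order of the subgroup of squares modulo P
G = 4     # generator of the order-Q subgroup (2^2)
H = 9     # second generator (3^2); in a real deployment nobody may know log_G(H)


def commit(value, blinding):
    """Pedersen commitment C = G^value * H^blinding mod P."""
    return (pow(G, value % Q, P) * pow(H, blinding % Q, P)) % P


def open_ok(commitment, value, blinding):
    """The owner proves a balance by revealing (value, blinding)."""
    return commitment == commit(value, blinding)


def transfer(in_value, out_values):
    """Split one hidden input balance into hidden outputs.

    The input blinding factor is chosen as the sum of the output blinding
    factors, so the commitments balance exactly when the amounts do.
    Returns (c_in, c_outs, in_blind, out_blinds).
    """
    out_blinds = [secrets.randbelow(Q) for _ in out_values]
    in_blind = sum(out_blinds) % Q
    c_in = commit(in_value, in_blind)
    c_outs = [commit(v, r) for v, r in zip(out_values, out_blinds)]
    return c_in, c_outs, in_blind, out_blinds


def balances(c_in, c_outs):
    """Public check a verifier can run without learning any amount.

    The product of the output commitments equals the input commitment iff
    sum(outputs) == input (mod Q) with matching blinding factors. Because the
    equality is only modulo Q, real schemes pair it with a zero-knowledge
    proof about the committed values to rule out wrap-around.
    """
    product = 1
    for c in c_outs:
        product = (product * c) % P
    return product == c_in
```

The verifier sees only group elements: `balances` accepts a transfer of 120 into 45 and 75 and rejects one whose outputs sum to 121, without any amount being revealed.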