| Cloud storage services are widely used because they greatly reduce users’ storage overhead. However, cloud storage service providers cannot be fully trusted. It is worth investigating how to ensure secure sharing and fine-grained access control of data stored in the cloud. Attribute-based encryption mechanisms can encrypt cloud storage data and let users define access policies. However, most attribute-based encryption schemes currently have to rely on a credible certificate authority. A single certificate authority suffers from security issues including single-point attacks, and multiple certificate authorities are complicated to construct and need large interaction overhead. In addition, when attribute revocation occurs, data re-encryption is adopted to ensure the backward and forward security of data. But it is challenging to ensure the security of re-encryption key escrow and distribution, and to maintain the flexibility of the scheme while ensuring fine-grained access control. In view of the above issues, the thesis combines blockchain technology to study secure fine-grained access control methods in cloud storage. The specific research is as follows. 1. A blockchain-based fine-grained ciphertext-based attribute-based encryption scheme is proposed to address the security of the existing certificate authority in cloud storage systems. Because the blockchain is decentralized, the scheme replaces the original certificate authority with elected blocks, designs a security protocol with the blockchain as the certificate authority, and combines attribute-based encryption with other encryption algorithms to solve the security problems mentioned above, such as single-point attacks, and to ensure the security of key escrow. Security analysis and proof are also given. The results prove that this scheme can guarantee data confidentiality and integrity and resist collusion attacks. Moreover, compared with the multi-credential schemes, the proposed scheme takes less time in private key generation, encryption and decryption. 2. Based on Work 1, a blockchain-based ciphertext-based attribute-based encryption scheme that supports attribute revocation is proposed for users, considering backward and forward security and key escrow. This scheme achieves immediate attribute revocation through blockchain proxy re-encryption, and it solves security problems in re-encryption key granting during attribute revocation by means of user attribute groups and a linear secret-sharing scheme. The security analysis and proof also show that this scheme can ensure the security of key escrow and distribution as well as the backward and forward security of data. Meanwhile, by comparing the efficiency of revocation schemes with different attributes, it is found that the proposed scheme incurs lower communication, storage and computing costs. In conclusion, the blockchain-based fine-grained cloud storage security access control method proposed in the thesis can support immediate attribute revocation and ensure the security of key distribution by exploiting the characteristics of blockchain and introducing attribute group keys as well as linear secret-sharing mechanisms. Thus, this method has both theoretical and practical significance. |