Research On Ciphertext Policy Attribute-based Access Control In Blockchain Environment

With the rapid growth of big data,the issue of data privacy protection has attracted increasing attention.Access control is an important way to protect data privacy,but the traditional centralized access control model based on third-party organizations such as cloud services may be dishonest,which poses challenges to data integrity,confidentiality and effective access control.Blockchain is decentralized and immutable,and the introduction of this technology can effectively improve data access control.This thesis studies the attribute based access control scheme,introduces blockchain technology,comprehensively considers data integrity and confidentiality protection,and improves the ciphertext policy attribute encryption scheme to improve access control performance.The main research work is as follows.(1)Aiming at the functional deficiencies of the existing CP-ABE schemes,a low-cost CP-ABE scheme is proposed.The scheme is constructed with LSSS linear secret sharing technology and supports policy updating.At the same time,the property repeatability,policy hiding and anti-collusion characteristics are realized.In addition,the version number is introduced to control policy update,which solves the problems of untimely policy update,asymmetry and semi-trust of third-party institutions.At the same time,an efficient policy update scheme is designed to improve the encryption speed during policy update.In order to solve the high cost,single point of failure and data integrity problems that may exist in the cloud environment,IPFS system is adopted in this scheme to replace the traditional cloud environment.Through experimental analysis,it is proved that this scheme not only has the properties of strategy hiding and anti-collusion,but also has less computation when updating the strategy compared with the traditional scheme.(2)In order to effectively record and trace the information of data access control process,an access control-oriented blockchain smart contract is designed.Based on the analysis of the security and performance problems in the design process of intelligent contract,this thesis designs and implements a scheme combining static access control and dynamic access control,and increases the process of access time limit judgment,evil judgment and attribute initial judgment,which improves the security of the system.At the same time,the introduction of blockchain makes all access operations traceable.(3)Based on the above two aspects of research work,design and develop a fine-grained access control system based on blockchain and attribute encryption.The system encrypts data through CP-ABE scheme constructed by LSSS,and records and traces information through Ethereum.The feasibility of this system is proved by comparing and analyzing the system running status,system interaction and the realization of related functions.