[Document] cloud storage ciphertext access control scheme

Cloud storage ciphertext access control scheme *

Lu Zhiquan +, Zhang, Feng Deng
State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100190

Journal of Frontiers of Com Puter Science and Marvell

Absrtact: In this paper, an efficient, precise and flexible access control scheme for ciphertext in cloud storage is proposed in the context of attribute encryption based on ciphertext policy (Ciphertext-policy attribute-based encryption, Cp-abe). By introducing the technology of key division and proxy encryption, the new scheme can transfer some of the encryption work to the cloud service provider when the permission is revoked, which greatly reduces the computational cost of the data owner. Compared with the existing scheme, the new scheme can not only support the fine access control strategy of multiple thresholds, but also can be set as unit and different user in the same attribute set when the permission is revoked. Finally, the security of the scheme is analyzed and the running efficiency is tested. The experimental results show that the new scheme is better than the general scheme, especially considering the cloud storage and multi-user situation, the advantages of the new scheme are obvious.

Keywords: cloud storage; ciphertext access control; Attribute encryption based on ciphertext policy; Agent encryption; Key split

Temp_11122520146442.pdf