Cloud computing is a developing computing paradigm in which resources of the computing infrastructure are provided as services over the network. Promising as it is, this paradigm also brings new challenges for data security and encrypted storage when data owners store sensitive data for sharing on untrusted cloud servers. Fine-grained and scalable data access control requires a huge amount of computation for key distribution and data management. In this article, we achieve this goal by exploiting and uniquely combining techniques of ciphertext-policy attribute-based encryption (CP-ABE), linear secret sharing schemes (LSSS), and counter (CTR) mode encryption. The proposed scheme is highly efficient because it conducts revocation at the attribute level rather than at the user level. The goals of data confidentiality and resistance to collusion attacks (even when the cloud servers (CS) collude with users), as well as those of fine-grainedness and scalability, are also achieved in our access structure.
Funding: supported by the Beijing Higher Education Young Elite Teacher Project (YETP0448), the Specialized Research Fund for the Doctoral Program of Higher Education (2013114), the Fundamental Research Funds for the Central Universities (2013RC0310), the Digital Right Management Technology Research and Development Project (1681300000119), the National Key Technology Research and Development Program (2012BAH08B02), and the Hi-Tech Research and Development Program (2012AA012606).