Cancellation-supported outsourcing verifiable multi-authorization center access control method, and cloud server

Abstract

The invention belongs to the technical field characterized by a protocol, and discloses a cancellation-supported outsourcing verifiable multi-authorization center access control method, and a cloud server. The method comprises the following steps: system initialization, including the initialization of a global authentication center and other authorization centers; allocating an attribute set for auser by the authorization centers, and generating a secret key needed by decryption for the user; encrypting a file by a data owner, wherein the encryption process comprises outsourcing encryption, the verification of an outsourcing result and the final encryption of the data owner; issuing a file access request to a cloud service provider by the user, wherein the process includes cloud service provider outsourcing decryption, the verification of the outsourcing result, and the final decryption of the user; and cancelling some users or some attributes in a system. The cancellation-supported outsourcing verifiable multi-authorization center access control method provided by the invention has the advantages of being high in system access efficiency, low in computation overhead, capable of supporting dynamic user authority management and the like, and can be used for guaranteeing the privacy data safety of the user in cloud storage, reducing the computation overhead of the user and dynamically managing the authority of the user in the system.

Description

technical field [0001] The invention belongs to the technical field characterized by protocols, and in particular relates to an access control method and a cloud server that support revoking outsourcing verifiable multi-authorization centers. Background technique [0002] At present, the existing technologies commonly used in the industry are as follows: With the continuous development of information technology, people's life has been greatly improved. Among them, the rapid development of cloud computing has attracted widespread attention. Cloud computing is an entity with huge computing and storage capabilities. It is the product of the combination of network storage, virtualization, load balancing, distributed computing, parallel computing, utility computing and other traditional computing technologies and network technology development. Its power is that it can dynamically distribute computing resources to users through the network. At the same time, users can also sto...

AI Technical Summary

Problems solved by technology

In addition, the access control technology based on attribute encryption will also bring a huge management burden, especially the problem of revocation has always been difficult

In addition, if permissions are revoked frequently, the computational burden will be heavy, and the dynamic nature of attributes increases the overhead and difficulty of key updates.

Most existing technologies are not efficient enough to support flexible revocation of users and attributes in cloud storage systems. Therefore, it is necessary to propose an access control method that supports revocation outsourcing and verifiable multiple authorization centers

[0003] In summary, the problems in the prior art are: The existing technologies are not efficient enough, and do not support flexible revocation of users and attributes in the cloud storage system; the calculation complexity is high, the overhead is large, and revocation is difficult

[0004] The difficulty and significance of solving the above technical problems: Access control technology based on attribute encryption will also bring a huge management burden, especially the problem of revocation has always been difficult

In addition, if permissions are revoked frequently, the computational burden will be heavy, and the dynamic nature of attributes increases the overhead and difficulty of key updates.

Images