Agent-based revocable multi-authorization center access control method and cloud storage system

Abstract

The invention belongs to the technical field of wireless communication networks, and discloses an agent-based revocable multi-authorization center access control method and a cloud storage system. Themethod comprises the steps that system initialization is conducted, wherein initialization of a global authentication center CA and other authorization centers AA and initialization of a cloud serverare included; the authorization centers AA allocate attribute sets to users and generate keys needed for decryption for the users; a data owner encrypts a file; the users send file access requests toa cloud service provider, wherein the process comprises outsourcing decryption of the cloud service provider and final decryption of the users; and some users or some attributes in the system are revoked. The method has the advantages of being high in system efficiency, supporting dynamic user permission management and the like and can be used for ensuring the privacy data security of the users in the data information system, reducing the computing overhead of the users and dynamically managing the permissions of the users in the system.

Description

technical field [0001] The invention belongs to the technical field of wireless communication networks, and in particular relates to an agent-based revocable multi-authorization center access control method and a cloud storage system. Background technique [0002] At present, the existing technologies commonly used in the industry are as follows: In recent years, the research and construction of data information systems are in full swing. Data information systems can manage resources by integrating multiple information and communication technologies, realize urban intelligent management and operation, and promote harmonious and sustainable urban development, thereby improving the quality of life of urban residents. Cloud computing is the growth, usage and delivery model of Internet-based related services, usually involving the provision of dynamically scalable and often virtualized resources over the Internet. Cloud computing can provide a safe and reliable data storage an...

AI Technical Summary

Problems solved by technology

In addition, the access control technology based on attribute encryption will also bring a huge management burden, especially the problem of revocation has always been difficult

[0004] (1) In the attribute-based encryption system, the computational overhead of the encryption and decryption stages is large, which makes the computational burden of the data user too heavy, which seriously affects its practicability

[0005] (2) None of the existing technologies are suitable for the outsourcing environment, and the efficiency is low in practice

[0006] (3) The existing revocation technology cannot realize instant attribute revocation, and the key update stage may become the bottleneck of the system, or rely on a trusted server, which seriously reduces the efficiency and flexibility of the system

[0009] (2) The usual method of attribute revocation is to update the key and re-encrypt the ciphertext. This method is difficult to realize the dynamic management of attributes, which is another important reason why the attribute decryption technology is currently difficult to be practically applied.

Images