At present, outsourcing the data to the cloud service provider (CSP) has been used greatly reduce the cost by many companies. However, allowing a cloud service provider (CSP), whose main purpose is to make profits, to take the custody of sensitive corporate data will lead to underlying security and privacy issues at the same time. In this case, storing the encrypted data in the cloud can be a way to keep user data confidential against an untrusted CSP. Flexible encryption schemes can provide a fine grain access control for the encrypted data, and also ensure legitimate user to decrypt the corresponding data. This paper proposes a cryptographic access control solution, which is based on attributebased encryption (ABE) and identity-based signature (IBS), can keep the data in the cloud confidential against unauthorized parties. Additionally, under the premise of untrusted CSPs, the proposed scheme can ensure the data security of the storage system in the open cloud environment, and can reduce right management complexity. Analysis and experimental results show that the concrete access control scheme can enhance the efficiency for the cloud.

• 出版日期2013
• 单位北京大学