具有细粒度访问控制和低存储空间开销的云存储系统

针对目前公有云存储系统中存在的数据机密性和系统性能问题,提出了一个安全高效的方案,并将其应用于基于密文策略属性基加密(CP-ABE)的具有细粒度访问控制的密码学的云存储系统中。在这个方案中,原始的数据首先会经过一个(k,n)算法分割成小块,然后随机选择其中部分小块进行加密,最后发布到云上,且只保存一份副本。该方案能够提升用户撤销操作的性能和降低存储空间的开销,同时安全性分析也证明了这个系统在计算上是安全的。通过分析对比,实验结果表明:该方案优化了用户撤销,减少了数据拥有者对数据管理的时间,由于只需要保存一份数据副本,因此有效地减少了数据的存储空间。该方案实现了公有云存储中敏感数据的安全共享和高效存储。

Cloud storage system with fine-grained access control and low storage space overhead

Concerning the data's confidentiality when stored in public cloud storage system and the system's performance, a secure and efficient scheme was proposed and applied in the cloud storage system of cryptography with cryptographic fine-grained access control, which was based on Ciphertext-Policy Attribute-Based Encryption (CP-ABE). In the proposed scheme, the original data were firstly divided into a number of slices by the (k,n)algorithm. Then some of slices were randomly chosen to encrypt. At last, the encrypted slices were published to the cloud storage, and only one copy of these slices was stored. The proposed scheme was proved that it could improve the performance of the user's cancel operation and reduce the cost of the storage space. At the same time, the system was also proved to be safe on calculation by the analysis of the security. By contrast, the experimental results show that, the data management time for the data owner is decreased obviously through optimizing the user revocation phase. The data storage cost is also decreased because of only storing one copy of data. The proposed scheme achieves secure sharing and efficient storage of the sensitive data in the public cloud storage.