Abstract
In power cloud environment, the existing Ciphertext-Policy Attribute-Based Encryption (CP-ABE) access control schemes, do not consider the generation of access structure and the existence of malicious users. To tackle these problems, a power cloud access control (PCAC) scheme is proposed, which improves the traditional CP-ABE access control model. Considering the heavy time consumption of CP-ABE, PCAC encrypts the symmetric key, instead of the raw data. PCAC combines the access tree and linear secret-sharing scheme (LSSS) to achieve the automatic generation and efficient operation of access structure. Additionally, an action audit phase, based on zero-knowledge verification was designed to defend against malicious users. The experiments proved that PCAC meets the requirement of fine-grained access control, in a power cloud. Compared with existing CP-ABE schemes, the PCAC scheme reduced about half of the time consumption, in the action audit phase and costs about one-third the time, in the data obtainment stage.
Highlights
With the fast development of cloud computing, it is economic for individuals and companies to save their data in cloud
We focus on the attribute-based access control (ABAC), which is more fine-gained than role-based access control (RBAC)
We proposed a power cloud access control (PCAC) access control scheme that is suitable for power cloud environment
Summary
With the fast development of cloud computing, it is economic for individuals and companies to save their data in cloud. Power cloud contains a large number of users with complex system structure and different data security requirements, which needs an automatic, fine-gained access control scheme. Only if, the user’s attribute set satisfies the access structure, the user can decrypt the data. This scheme can meet the fine-grained access control requirement of power clouds, but it is difficult to meet the security requirement. The existing CP-ABE schemes have not considered the security issue of the data source and the generation of the access structure. CP-ABE system model, including outsourcing the generation of access structures and the verification of attribute sets to a third party, to reduce the computational complexity.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have