一种基于多授权系统模型的高效CP-ABE方法
An Efficient CP-ABE Scheme Based on Multi-authority System Model
-
摘要: 密文策略的属性基加密(Ciphertext-Policy Attribute-Based Encryption, CP-ABE)是一种可靠的方法,它既能实现数据机密性,又能实现细粒度的访问控制。但CP-ABE只支持单授权系统模型,不适合云存储的多授权。通过引入角色和规则的概念,提出了一种多授权系统模型的改进方法,并改进标准CP-ABE方法以形成MACP-ABE方案。该方案能支持改进的多授权系统,实现细粒度的访问控制。此外,MACP-ABE方法可支持用户的属性撤销,从而实现动态属性管理。实验结果表明该方法可以有效地减少整体计算开销。Abstract: As a reliable scheme, the ciphertext-policy attribute-based encryption(CP-ABE) can realize the data confidentiality and fine-grained access control. However, CP-ABE is only suitable for single-authority system, not for multi-authority system in the cloud storage. This paper proposes an improved multi-authority system model and obtains MACP-ABE scheme by modifying standard CP-ABE. MACP-ABE scheme not only supports the improved multi-authority system to realize fine-grained access control, but also supports users'attribute revocation and achieves the dynamic attribute management. The experiment results show that the proposed method can effectively reduce the overall computation.