Computer Science ›› 2016, Vol. 43 ›› Issue (3): 118-121.doi: 10.11896/j.issn.1002-137X.2016.03.024

Previous Articles     Next Articles

Multiple Permissions Secure Access Control Scheme Combining CP-ABE and XACML in Cloud Storage

LIU Xiao-jian, WANG Li-sheng and LIAO Xin-kao   

  • Online:2018-12-01 Published:2018-12-01

Abstract: In order to protect the confidentiality of user data and user privacy in cloud storage system,multiple permissions secure access control scheme combining ciphertext-policy attribute-based encryption(CP-ABE) and XACML was proposed.The confidentiality of user data is ensured by CP-ABE encryption and properties of fine-grained access control are implemented by XACML framework.In cloud storage system user data is encrypted by symmetric encryption mecha-nism,and symmetric key encryption uses the CP-ABE.Simulation results show that the model is efficient,flexible,and secure.Security analysis shows that the scheme can resist collusion attacks,has data confidentiality and backward forward confidentiality.

Key words: Cloud storage,Access control,Ciphertext-policy attribute-based encryption,XACML

[1] Larry D.Cloud computing hasn’t gone Fortune 500 yet,But it’s coming[EB/OL].(2008-03).
[2] Christian C,Idit K,Alexander S.Trusting the cloud[J].Acm Sigact News,2009,40(2):81-86
[3] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryptionfor fine-grained access control of encrypted data[C]∥Procee-dings of the 13th ACM Conference on Computer and Communications Security.New York:ACM,2006:89-98
[4] Bethencourt J,Sahai A,Waters B.Ciphertext-policy attribute-based encryption[C]∥IEEE Symposium on Security and Privacy.California,2007:321-334
[5] Pirretti M,Traynor P,McDaniel P,et al.Secure attribute-based systems[C]∥Proceedings of the 13th ACM conference on Computer and communications security.New York:ACM,2006:99-112
[6] Wang Peng-pian,Feng Deng-guo,Zhang Li-wu.CP-ABE Scheme Supporting Fully Fine-Grained Attribute Revocation[J].Journal of Software, 2012,23(10):2805-2816(in Chinese) 王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的 CP-ABE方案[J].软件学报,2012,23(10):2805-2816
[7] Li Ming,Yu Shu-cheng,Zheng Yao.Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption[J].Parallel and Distributed Systems,2013,4(1):131-143
[8] Brent W.Public Key Cryptography-PKC 2011[M].Berlin:Springer,2011:53-70
[9] 马恒太,李鹏飞,颜学雄,等.Web服务安全[M].北京:电子工业出版社,2007:280-319
[10] Niu De-hua,Ma Jian-feng,Ma Zhuo,et al.Enhanced cloud sto-rage access control scheme based on arrtibute[J].Journal on Communications, 2013,4(Z1):276-284(in Chinese) 牛德华,马建峰,马卓,等.基于属性的安全增强云存储访问控制方案[J].通信学报,2013,4(Z1):276-284
[11] Sun’s XACML Implementation[EB/OL].
[12] Advanced Crypto Software Collection[EB/OL].
[13] Chen Yan-li,Song Ling-ling,Yang Geng.Efficient Aceess Control Scheme Combining CP-ABE and SD in Cloud Computing[J].Computer Science,2014,1(9):152-157,8(in Chinese) 陈燕俐,宋玲玲,杨庚.基于CP-ABE和SD的高效云计算访问控制方案[J].计算机科学,2014,1(9):152-157,8

No related articles found!
Full text



[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .