Computer Science ›› 2016, Vol. 43 ›› Issue (9): 165-168.doi: 10.11896/j.issn.1002-137X.2016.09.032

Previous Articles     Next Articles

Research on Access Control Model in Multi-clouds Storage System Based on CP-ABE

YIN Kai-ze and WANG Hai-hang   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Applying the access control system based on ciphertext-policy attributes-based encryption (CP-ABE) in single cloud to multi-clouds storage system will encounter a problem of policy conflict.Thus,an attributes mapping scheme was designed and an access control model in multi-clouds storage system based on CP-ABE was provided.The attributes mapping scheme was designed based on the access construction tree of CP-ABE and the types of attributes’ value that is supported.At last,the framework of this model and its workflow were elaborated.The effectiveness of the model is verified by building a simple prototype system,and the performance of the prototype system is analyzed.The proposed model has theoretical value and actual meaning for the research of access control in multi-clouds storage system.

Key words: Ciphertext-policy attribute-based encryption,Access control,Policy conflict,Attributes mapping,Multi-clouds storage system

[1] SNIA Technical Position.Cloud data management interface (cdmi) v1.0.2 [EB/OL].[2015-11-13].
[2] Sahai B J A,Waters B.Ciphertext-policy attribute-based encryption [C]∥Proceedings of the 28th IEEE Symposium on Security and Privacy.Piscataway:IEEE,2007:321-334
[3] Cloudfuze [EB/OL].[2015-11-13].
[4] Livenson I,Erwin L.Towards transparent integration of heterogeneous cloud storage platforms [C]∥Proceedings of the 4th International Workshop on Data-intensive Distributed Computing.New York:ACM,2011:27-34
[5] Bethencourt J,Sahai A,Waters B.The cpabe toolkit [EB/OL].[2015-11-13].
[6] Wang G,Liu Q,Wu J.Hierarchical attribute-based encryptionfor fine-grained access control in cloud storage services [C]∥Proceedings of the 17th ACM Conference on Computer and Communications Security.Chicago:ACM,2010:735-737
[7] Wan Z,Liu J E,Deng R H.HASBE:a hierarchical attribute-based solution for flexible and scalable access control in cloud computing [J].Information Forensics and Security,2012,7(2):743-754
[8] Li M,Yu S,Ren K,et al.Securing personal health records incloud computing:Patient-centric and fine-grained data access control in multi-owner settings [M]∥Security and Privacy in Communication Networks.Berlin:Springer,2010:89-106
[9] Barua M,Liang X,Lu R,et al.ESPAC:Enabling Security and Patient-centric Access Control for eHealth in cloud computing [J].International Journal of Security and Networks,2011,6(2/3):67-76
[10] Yin K Z,Wang H H.A cloud storage system with fine-grained access control and low storage space overhead [J].Journal of Computer Applications,2015,35(12):3413-3418(in Chinese) 印凯泽,汪海航.具有细粒度访问控制和低存储空间开销的云存储系统[J].计算机应用,2015,35(12):3413-3418
[11] Doan A H,Madhavan J,Domingos P,et al.Learning to map between ontologies on the semantic web [C]∥Proceedings of the 11th International Conference on World Wide Web.Honolulu:ACM,2002:662-673
[12] Wiederhold G.An algebra for ontology composition [C]∥Pro-ceedings of 1994 Monterey Workshop on Formal Methods.Monterey,1994,56:61
[13] Borthakur D.The hadoop distributed file system:architectureand design [EB/OL].[2015-12-15].
[14] Noessner J,Niepert M.CODI:Combinatorial Optimization forData Integration-Results for OAEI 2010 [C]∥Proceedings of the 5th International Workshop on Ontology Matching.Shanghai,2010:142-149
[15] Enterprise Ontology [EB/OL].[2016-04-25].

No related articles found!
Full text



No Suggested Reading articles found!