| With the development of cloud computing, cloud computing services and cloud storage services have brought great convenience to the enterprise. However, the cloud platform is not credible, they have to encrypt their data to ensure confidentiality of the data. How to make use of cryptographic access control scheme to reduce the management overhead of enterprises and users is an important issue by the advantages of cloud computing.Through the analysis of the existing cryptographic access control mechanism and related technology, a new subscription-based cryptographic access control mechanism is proposed, which is suitable to publish/subscribe system. The mechanism uses a key transformation structure to control the access to the resource by controlling the user’s access to the resource’s key. According to the situation of resource publishing and users’ subscription, the relationship between the user and the resource key is established by enterprise through the key transformation structure.In the process of resource publishing and user rights change, the key transformation structure is consistent with the access control policy. Mixed with group key management and proxy re-encryption, the structure let user can access to many kinds of resources with managing a secret information, and let enterprise can entrust the process of handling user access resources to the cloud server.Based on the subscription-based access control mechanism, the access control subsystem of the system is divided into three modules, including the client, the enterprise server and the cloud server. The test results show that the scheme reduces the management overhead of enterprises and users. |
PDF Full Text Request