Research On Access Control Mechanism In Cloud Storage

With the rapid development of the cloud computing industry,cloud storage services have also been widely used,when the large number of data was in the cloud storage,there are many security problems increasingly around it.Untill now,various social issues emerge in an endless stream of data leakage caused by cloud,cloud storage security has already sounded the alarm.Cloud storage security measures currently accepted is the implementation of encryption for data storage,the key is to secure key algorithm selection and access control technology support.If the security strategy is strict,can bring the relative safety data.But when the data changes,access or update,high strength encryption algorithm will directly affect the efficiency of cloud storage and convenience,at the same time bring more burden to the cloud storage center.If the user level distribution,cross level cloud file sharing will exponentially increase the system overhead,is not conducive to enterprise log According to the efficient use of cloud storage to reduce the unique advantages.Access control technology plays an important role in information security field,but the traditional access control can not meet the cloud computing environment of enterprise specific needs.This paper proposes a method based on multi level access to the cloud storage access control mechanism,the mechanism to make full use of single function can only be deduced with unidirectional.The access control mechanism of the design concept,the high level of security level users can push users to export low security key is fast through the one-way function,while the opposite is not.When the cross level access,communication overhead and the mechanism of the key cloud saves transfer operation overhead,efficient access to realize the multi level business users of cloud storage file access control demand.Based on the open source openstack cloud platform for multi level access control mechanism was tested through a single point in a virtual machine Department of swift all in one platform,combined with National Supercomputing Tianjin center system cloud platform provides the Thcloud_sdk.py Thcloud_sdk.py for secondary development of,complete simulation of the access control mechanism.The design of cloud storage access control system at the time of the occurrence of revocation,the user can according to the distribution parameter,self is a new key.The cloud is also the agent re encryption technology,update the cloud storage space of the encrypted data according to the relevant parameters,the user group no need to distribute keys,simple and quick realization of file access permissions change.At the end of this paper,from multiple perspectives analysis under the environment of cloud storage security policy issues,the future of cloud application was prospected.