The widespread use of cloud storage services has revolutionized the way data is shared, allowing users to easily and affordably store data remotely. However, this convenience comes with potential security risks, prompting the development of Attribute-Based Encryption (ABE) as a means of ensuring data confidentiality. ABE has gained significant attention due to its ability to provide secure data access in the cloud. However, existing ABE schemes have limitations: they require trust in a single authority, creating a potential single point of failure. Additionally, key escrow remains an issue, as untrusted attribute authorities (AAs) can potentially use decryption keys to gain unauthorized access to encrypted data. These limitations must be addressed to develop more effective and trustworthy ABE schemes that are better suited for real-world use cases. Meanwhile, attribute-based encryption still faces many challenges in terms of policy update and fine-grained access control in complex environments.

Attribute-Based Access Control (ABAC) is a flexible access control model that allows an arbitrary number of attributes to be used in access control decisions and is simple and effective in implementing complex policies. As enterprises and institutions strengthen cooperation and resource sharing in various fields such as blockchain, Internet of Things and cloud computing, the advantages of ABAC will become more and more obvious. However, in a complex open environment, ABAC still faces threats such as reduced system security and authorization forgery.

To address the aforementioned issues, this paper focuses on the following key tasks:

(1) To solve the problem of untrustworthy participants, this paper proposes the use of blockchain technology. Specifically, smart contracts are deployed to optimize the solution: mutual trust is established among the participants, while the computational overhead of the participants is reduced and the correctness of the calculation results is ensured.

(2) This paper presents an attribute-based access control (ABAC) scheme for blockchain data, which ensures credibility and security through the auditability and non-tamperability of the blockchain. By leveraging these properties, the proposed scheme ensures the openness and verifiability of the decision-making process of ABAC. In addition, the scheme replaces keys with real-time attribute tokens and entrusts token generation to smart contracts, which effectively resists the key escrow problem. Since tokens and policies are updated dynamically, the security of the system is also greatly improved.

(3) A blockchain-based CP-ABE scheme with support for multi-attribute authorization is proposed. To address the issue of trust in the authorization authority, the scheme splits the key generation process and uses smart contracts to verify sub-keys and ultimately generate decryption keys. Trust relationships are established among multiple authorization centers, preventing a single AA from generating a complete key and avoiding the possibility of gaining additional privileges by decrypting ciphertext. In addition, data access logs can be recorded on the blockchain in this scheme, enabling auditable access control.