关键词: 云计算, CP-ABE, 访问控制, 隐藏策略, 属性撤销

Abstract: In attribute-based encryption schemes, access policy may contain some sensitive information, how to achieve policy hidden and have abundant expressive ability of access policy at the same time is one of the urgent problems in the cloud computing environment. Users’ attributes often change in the system, so attribute revocation has become a hot spot of research in recent years. In this paper, a hierarchical access control scheme with hidden policy is proposed. To solve the problem of attribute revocation, the technique of proxy re-encryption is integrated into CP-ABE scheme. Compared with the previous schemes, the scheme both protect the policy and has flexible access control capability. Furthermore, the hierarchical authorization structure which reduces the burden and risk in the case of one single authority making the scheme secure.

Key words: cloud computing, CP-ABE, access control, hidden policy, attribute revocation