关键词: 属性基加密, 用户-属性撤销, 访问控制, 代理重加密

Abstract: In order to solve the problem of user authorization revocation caused by user attributes change in open cloud computing environment, an attribute-based proxy re-encryption scheme based on proxy re-encryption and key segmentation is proposed. Instant revocation of user authorization is supported in the scheme. When user revocation occurs, it is only necessary to update the ciphertext component in the cloud storage server and unrevoked users' attribute independence private key component in the proxy server. When the user attribute revocation occurs, it is necessary to update the user attribute revocation list from which the user authorization can be limited. Then the workload of updating ciphertext and the user private key is lessen to improve the execution efficiency of re-encryption and access control scheme, at the same time,the privacy information of user attributes are protected.

Key words: attribute-based encryption, user-attribute revocation, access control, proxy re-encryption