A dynamic cryptographic access control scheme in cloud storage services

The cloud storage services is a technology in cloud computing, which provides the online storage services for data owners over the Internet. It enables data owners to remotely store their data into a cloud so that to enjoy scalable services pay-on-demand. However, allowing the cloud servers to take care of the confidential data, which may bring many challenges for data security and access control. In order to achieve security, fine-grained and flexible access control for cloud storage services, we present a cryptographic access control scheme called CS-CACS based on encryption (CP-ABE), which is implemented based on the HDFS workstation. Meanwhile, we combine the proxy re-encryption and lazy re-encryption to make the cloud servers do most of re-encryption computing when the user´s permission is revoked, which greatly reduces the computation cost of data owners. Our scheme has prominent properties of user access permission confidentiality and user secret key accountability. Performance analysis shows that the proposed scheme is efficient and security when the more users access data in the cloud storage.