Dynamic Access Control and Fine-Grained Searchable Encryption for Cloud Data Using Trust Evaluation and B-Tree Indexing
Abstract
The security management of data stored on cloud servers is of great significance, as it not only prevents data leakage but also ensures data integrity. To achieve secure management of such data, this research starts from existing searchable encryption and attribute-based searchable encryption technologies and improves both to form a complete encryption scheme. First, for searchable encryption, the study considers dynamic changes in user permissions and constructs an encryption scheme that includes a trust value evaluation model and a dual dynamic access control mechanism. The trust value evaluation model considers historical trust values, recommended trust values, and attribute-related trust values, and then generates a comprehensive trust value to evaluate user permissions. Second, for attribute-based searchable encryption, the research adopts a multi-branch balanced tree and a linear secret sharing scheme to construct a fine-grained access control scheme: the B-Tree index structure optimizes search efficiency, and the linear secret sharing scheme enforces access control for users. In the experiments, the study uses the Python programming language with the PyCrypto and OpenSSL cryptographic libraries for testing to ensure the feasibility and performance of the solution; the operating system is Windows 10. The results show that the maximum trust value calculation time of the scheme that considers user permissions is 32 ms, which is 46 ms, 33 ms, 22 ms, and 19 ms lower than the maximum values of the four comparison schemes, respectively. In addition, the maximum access control determination time, CPU utilization, and memory occupancy of this scheme are 56 ms, 12.17%, and 13.95%, respectively.
For the scheme supporting fine-grained access control, the maximum key generation time and communication volume are 180 ms and 3.257 Byte, respectively, and the average storage overhead for user keys and ciphertext is 3.94 KB and 5.37 KB, respectively. The encryption schemes designed in this research perform well and can provide technical support for the secure management of data stored on cloud servers, with data queries performed without decryption.
DOI: https://doi.org/10.31449/inf.v49i34.9088
Copyright © Slovenian Society Informatika







