CN105141574A - Cloud storage cipher text access control system based on table attributes - Google Patents

Abstract

The invention belongs to the technical field of cloud storage service, and provides a cloud storage cipher text access control system based on table attributes and an access control method thereof. According to the system and the method, a data owner classifies leaf nodes on an access structure tree according to whether the threshold of a parent node corresponding to each leaf node is 1 in the process of encryption, the data owner further classifies a set of leaf nodes of which the thresholds of the parent nodes are 1 according to different types of parent nodes, and finally, the data owner encrypts data according to the result of classification and uploads the data to the cloud. Thus, the length of cipher text obtained by the data owner, the amount of encryption calculation and the amount of decryption calculation for subsequent sharing users are only related to an attribute set of which the threshold of the parent node is not 1. In the access structure tree, the threshold corresponds to an OR gate when the threshold is 1, or the threshold corresponds to an AND gate. Therefore, the system overload is only related to an attribute set of which the parent node is an OR gate. When the number of OR gates in the access structure tree increases, the computational cost and communication overhead of the system are greatly reduced.

Description

A kind of cloud based on form attributes stores ciphertext access control system

Technical field

The invention belongs to cloud stores service technical field, particularly relate to a kind of cloud based on form attributes and store ciphertext access control system.

Background technology

In cloud stores service platform, owing to adopting remote data trustship technology, cloud storage service provider is the physics owner of data, but with data owner not in same trust domain.Cloud storage service provider manages multiple user and resource thereof, when other user resources of the cross-border access of user, needs the access adopting certain access control policy to control data and service.But in reality, because cloud stores service platform adopts virtualization storage technology, cloud stores service, with being loose coupling between bottom hardware environment, lacks changeless secure border between the data of different user, thereby increases the difficulty executing access control at cloud stores service platform logarithm factually.

In prior art, based on the encryption (Attribute-basedEncryption of attribute, ABE) scheme is with attribute description user identity, private key for user and ciphertext are relevant to one group of attribute respectively, when private key for user attribute and the mutual matching degree of ciphertext attribute reach set threshold value time, user could successful decryption ciphertext.

But ABE scheme only can support thresholding access control policy, in order to express access control policy more flexibly, encryption attribute (CipherPolicyAttribute-basedEncryption, the CP-ABE) scheme based on Ciphertext policy is suggested.In CP-ABE scheme, ciphertext is relevant to access strategy, and private key for user is relevant to community set, and when the attribute of and if only if private key for user meets the access strategy of ciphertext, user could successful decryption ciphertext.Reduce the network bandwidth that data sharing fine-granularity access control brings and the expense that node calculates CP-ABE schemes tend, be best suited for one of the ciphertext access control technology in cloud storage platform.

For the cloud storage platform adopting CP-ABE scheme, consider enterprise's application scenarios, attribute and access strategy need to be disposed by form.But because community set is comparatively huge, access structure is very complicated, the execution efficiency of CP-ABE scheme in cloud storage platform is very low.

Summary of the invention

A kind of cloud based on form attributes is the object of the present invention is to provide to store ciphertext access control system, the cloud storage platform being intended to solve existing employing CP-ABE scheme disposes attribute and access strategy by form, because community set is huge, access structure is complicated, make the problem that CP-ABE scheme execution efficiency is low.

The present invention is achieved in that a kind of cloud based on form attributes stores ciphertext access control system, and described system comprises:

The management end run by authentication center, for generate and to each validated user dispatch user private key, described private key for user is associated with the attribute of respective user;

The client run by user, for when uploading data to high in the clouds, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, each leaf node is classified, and further according to the difference of father node type, the set that the threshold value of father node is the leaf node of 1 is classified, afterwards according to classification results to described session key to obtain session key ciphertext, afterwards by described session key ciphertext and encryption after data upload to high in the clouds, also for when from high in the clouds downloading data, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, session key is obtained by session key decrypt ciphertext, utilize afterwards and decipher the shared data that the described session key obtained deciphers described correspondence.

Another object of the present invention is to provide a kind of as above based on the access control method of the cloud storage ciphertext access control system of form attributes, described method comprises:

Authentication center's operational management end, generation system PKI and main private key, be uploaded to high in the clouds by described system PKI;

Authentication center's operational management end, joins request according to the system that user sends, and whether authenticated user is validated user, and when user is validated user, calculates the private key for user of user, and be distributed to user;

Data owner running client, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, afterwards according to classification results to described session key to obtain session key ciphertext, afterwards by described session key ciphertext and encryption after data upload to high in the clouds;

Sharing users running client, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, obtain session key by session key decrypt ciphertext, utilize afterwards and decipher the shared data that the described session key obtained deciphers described correspondence.

Cloud based on form attributes provided by the invention stores in ciphertext access control system and access control method thereof, data owner is in ciphering process, whether the threshold value setting father node corresponding to each leaf node upper according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, be uploaded to high in the clouds according to classification results to after data encryption afterwards.Like this, the ciphertext length that data owner obtains, the deciphering amount of calculation of computation degree and follow-up sharing users with father node threshold value be not all only 1 community set relevant, and in access structure tree, threshold value is 1 corresponding or door, otherwise corresponding and door, therefore can say, overhead is relevant with the community set of door with father node, when access structure tree in or door increase time, relative to existing CP-ABE scheme, the calculation cost of system and communication overhead will greatly reduce, thus secret protection can be provided for user more efficiently, data sharing and access control service.

Accompanying drawing explanation

Fig. 1 is the structure chart that the cloud based on form attributes provided by the invention stores ciphertext access control system;

Fig. 2 is the flow chart that the cloud based on form attributes provided by the invention stores the access control method of ciphertext access control system;

Fig. 3 is a kind of access structure tree instance graph of the present invention.

Embodiment

In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.

For prior art Problems existing, consider that form attributes has following two features: one, attribute is classification, as shown in table 1 below is the register of an enterprise:

Table 1

Sequence number	Name	Sex	Position	Department
					001	Alan	Female	CEO	General headquarters
002	John	Man	General manager	General headquarters
					003	Alex	Man	Manager	Human Resource Department
004	Steven	Man	Manager	Finance Department
					…	…	…	…	…

In upper table, all properties is divided into 5 types; Two, in access structure tree attribute type of the same race or door (OR door) more than with door (AND door), as shown above, sequence number 001OR002OR003 probability of happening is comparatively large, and sequence number 001AND002AND003 probability of happening is extremely low.Thus, in the present invention, data owner is in ciphering process, whether the threshold value setting father node corresponding to each leaf node upper according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, be uploaded to high in the clouds according to classification results to after data encryption afterwards.

Fig. 1 shows the structure that the cloud based on form attributes provided by the invention stores ciphertext access control system, for convenience of explanation, illustrate only part related to the present invention.

Specifically, system of the present invention comprises: the management end 11 run by authentication center, for generate and to each validated user dispatch user private key, private key for user is associated with the attribute of respective user, the client 12 run by user, for when uploading data to high in the clouds, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, each leaf node is classified, and further according to the difference of father node type, the set that the threshold value of father node is the leaf node of 1 is classified, afterwards according to classification results to session key to obtain session key ciphertext, afterwards by session key ciphertext and encryption after data upload to high in the clouds, also for when from high in the clouds downloading data, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, session key is obtained by session key decrypt ciphertext, utilize the shared data of deciphering the session key deciphering correspondence obtained afterwards.

In the present invention, the validated user of system can be divided into data owner and sharing users, and data owner, sharing users are the operation main body of client 12 respectively, and authentication center is the operation main body of management end 11.Wherein, data owner refers to and the provider of data is shared in high in the clouds, and data owner formulates access strategy, and is encrypted the data that need upload based on access strategy, afterwards by the Data Hosting after encryption to high in the clouds; Sharing users (i.e. visitor) refers to from high in the clouds download of sharing data side, the encrypt data that sharing users access high in the clouds stores, the attribute in the private key for user of sharing users is only had to meet the access strategy defined in ciphertext, sharing users ability successful decryption ciphertext; Authentication center refers to except data owner and sharing users, the trusted third party mutual with high in the clouds, and authentication center sets up system and accepts user's registration, is responsible for the private key for user that each user generates its attribute separately of association.Be to be understood that, definition data owner and the object of sharing users are the function of main body in certain running of system in order to distinguish running client 12 is uploading data or downloading data, thus the data owner in certain running of system can be the sharing users in another running, similarly, the sharing users in certain running of system can be the data owner in another running.

The operation principle that cloud based on form attributes of the present invention stores ciphertext access control system is: after system is set up, authentication center's operational management end 11, generation system PKI and main private key, be uploaded to high in the clouds by system PKI.

If user wishes to add system, then running client 12, sends system to authentication center and joins request, authentication center's operational management end 11, joins request according to this system, and whether this user of certification is validated user, be calculate the private key for user of this user, and be distributed to this user.

When data owner uploading data, data owner running client 12, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, afterwards according to classification results to session key to obtain session key ciphertext, afterwards by session key ciphertext and encryption after data upload to high in the clouds.

When sharing users is from high in the clouds downloading data, sharing users running client 12, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, obtain session key by session key decrypt ciphertext, utilize the shared data of deciphering the session key deciphering correspondence obtained afterwards.

Cloud based on form attributes provided by the invention stores in ciphertext access control system, data owner is in ciphering process, whether the threshold value setting father node corresponding to each leaf node upper according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, be uploaded to high in the clouds according to classification results to after data encryption afterwards.Like this, the ciphertext length that data owner obtains, the deciphering amount of calculation of computation degree and follow-up sharing users with father node threshold value be not all only 1 community set relevant, and in access structure tree, threshold value is 1 corresponding or door, otherwise corresponding and door, therefore can say, overhead is relevant with the community set of door with father node, when access structure tree in or door increase time, relative to existing CP-ABE scheme, the calculation cost of system and communication overhead will greatly reduce, thus secret protection can be provided for user more efficiently, data sharing and access control service.

Fig. 2 shows the flow process that the cloud based on form attributes provided by the invention stores the access control method of ciphertext access control system, comprises the following steps:

S1: authentication center's operational management end 11, generation system PKI and main private key, be uploaded to high in the clouds by system PKI.

Further, the step of generation system PKI and main private key can comprise the following steps again:

S11: definition the Bilinear Groups of prime number p that to be rank be, g is generator.Definition bilinear map e: it is a hash function.The attribute space of define system for with community set S, community set definition Lagrange coefficient ${\mathrm{\Δ}}_{i,S}=\underset{j\∈S,j\≠i}{\Π}\frac{x-j}{i-j}.$

S12: input security parameter λ, select random number and calculate h=g ^β, u=g ^αwith v=e (g, g) ^α, and then according to formula obtain system PKI PK, and obtain main private key MK according to formula MK=(β, u).

S2: authentication center's operational management end 11, joins request according to the system that user sends, whether authenticated user is validated user, and when user is validated user, calculates the private key for user of user, and be distributed to user.

Further, the step calculating the private key for user of user comprises the following steps again:

S21: authentication center utilizes attribute space U, according to role or the identity of user, for user distributes corresponding community set S, community set

S22: the community set S inputting main private key MK and user, for user chooses random number and choose random number for each attribute j ∈ S in community set S private key for user SK is calculated according to following formula:

SK＝(D＝g ^(α+r)/β,

$\∀j\∈S:D_j=g^r\·H{\left(j\right)}^{r_j},{\tilde{D}}_j=g^r\·H({\left(trpe\right(j\left)\right)}^{r_j},D_j^{\′}=g^{r_j})$

Wherein, type (j) is the form class at attribute j place, and D is Bilinear Groups on element, D _jfor Bilinear Groups on element, for Bilinear Groups on element, D' _jfor Bilinear Groups on element.

S3: data owner running client 12, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, afterwards according to classification results to session key to obtain session key ciphertext, afterwards by session key ciphertext and encryption after data upload to high in the clouds.

Further, step S3 comprises the following steps again:

S31: data owner running client 12, chooses session key ck, and adopts symmetric encipherment algorithm to encrypt the data M that need upload, and obtains the data E after encrypting _ck(M).

S32: input system PKI PK, session key ck and access structure are set access structure is set in each node x, arranging its child nodes number is num _x, arranging its threshold value is t _x, and have 0 < t _x≤ num _x, defining polynomial q _xdegree be d _x, and d _x=t _xthe child nodes of-1, node x successively marking serial numbers is 1 ..., num _xindex (x) is the sequence number of return node x, att (x) is for returning the attribute be associated with node x, and the form class that type (att (x)) is return attribute att (x) place, sets for access structure afterwards root node, choose random number and set q _r(0)=s, further Stochastic choice d _rindividual child node carrys out complete definition multinomial q _r, access structure is set other node x except root node, setting q _x(0)=q _parent(index (x)), further Stochastic choice d _xindividual child node carrys out complete definition multinomial q _x.Wherein the PKI PK of system is downloaded from high in the clouds by data owner and obtains.

S33: access structure is set leaf node x, if the threshold value t of father node parent (x) of leaf node x _{parent (x)}=1, then q _x(0)=q _{parent (x)}(0), Y is made ₁for access structure tree in the set of such leaf node, Y ₂it is access structure tree the set of the leaf node of middle remainder, and further according to Y ₁in the difference of father node type of each leaf node, by Y ₁be divided into Y ₁₁, Y ₁₂...

S34: according to following formula to session key, calculates session key ciphertext CT:

$\&ForAll;y\&Element;Y_{1i}(i=1,2,\mathrm{...}):C_y=g^{q_{parent\left(y\right)}\left(0\right)},C_y^{\&prime;}=H({\left(trpe\right(att\left(y\right)\left)\right)}^{q_{parent\left(y\right)}\left(0\right)},$

$\&ForAll;y\&Element;Y_2:C_y=g^{q_y\left(0\right)},C_y^{\&prime;}=H{\left(att\right(y\left)\right)}^{q_y\left(0\right)})$

Wherein, for the calculating to session key, C is the calculating to root node, C _yfor the calculating to property value corresponding to attribute y, C' _yfor the calculating to attribute y place form class.Especially, Y _1iin all leaf nodes there is identical C _yif the attribute of different leaf node belongs to identical type, then they have identical C' _y.

S35: by the data E after session key ciphertext CT and encryption _ck(M) high in the clouds is uploaded to.

S4: sharing users running client 12, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, obtain session key by session key decrypt ciphertext, utilize the shared data of deciphering the session key deciphering correspondence obtained afterwards.

Further, step S4 can comprise the following steps again:

S41: sharing users running client 12, from high in the clouds download session key ciphertext CT and corresponding shared data E _ck, and the private key SK corresponding to community set S that has of input system PKI PK, user (M) _s, and key ciphertext CT.

S42: sharing users calls predefined recursive function if the community set S of sharing users meets access structure tree then secure processing device encrypts information A is:

$A=DecryptNode(CT,SK,R)=e{(g,g)}^{{\mathrm{rq}}_R\left(0\right)}=e{(g,g)}^{rs}$

In the present invention, recursive function DecryptNode (CT, SK, x) is defined as follows:

If a node x is leaf node, and the threshold value k of its father node _x> 1, then define:

$\begin{array}{c}DecryptNode(CT,SK,x)=\frac{e(D_{att\left(x\right)},C_x)}{e(D_{att\left(x\right)}^{\&prime;},C_x^{\&prime;})}\\ =\frac{e(g^r\&CenterDot;H{\left(att\right(x\left)\right)}^{r_{att\left(x\right)}},g^{q_x\left(0\right)})}{e(g^{r_{att\left(x\right)}},H{\left(att\right(x\left)\right)}^{q_x\left(0\right)})}\\ =e{(g,g)}^{{\mathrm{rq}}_x\left(0\right)}\end{array}$

If b node x is leaf node, and the threshold value k of its father node _x=1, then define:

$\begin{array}{c}DecryptNode(CT,SK,x)=\frac{e({\tilde{D}}_{att\left(x\right)},C_x)}{e(D_{att\left(x\right)}^{\&prime;},C_x^{\&prime;})}\\ =\frac{e(g^r\&CenterDot;H{\left(type\right(att\left(y\right)\left)\right)}^{r_{att\left(x\right)}},g^{q_{parent\left(x\right)}\left(0\right)})}{e(g^{r_{att\left(x\right)}},H{\left(type\right(att\left(y\right)\left)\right)}^{q_{parent\left(x\right)}\left(0\right)})}\\ =e{(g,g)}^{{\mathrm{rq}}_{parent\left(x\right)}\left(0\right)}=e{(g,g)}^{{\mathrm{rq}}_x\left(0\right)}\end{array}$

If c node x is non-leaf nodes, F is exported to all child node z of node x, recursive call DecryptNode (CT, SK, z) _z.Definition S _xany t _xthe set of individual node z, and F _z≠ ⊥, calculates F according to following formula _xif can not find the S satisfied condition _xset, then F _x=⊥:

$\begin{array}{c}{F}_x=\underset{z\&Element;S_x}{\&Pi;}{F_z}^{{\mathrm{\&Delta;}}_{i,S_x^{\&prime;}}\left(0\right)},wherei=index\left(z\right),S_x^{\&prime;}=\left\{index\left(z\right)\right\}\\ =\underset{z\&Element;S_x}{\&Pi;}{(e,{(g,g)}^{{\mathrm{rq}}_z\left(0\right)})}^{{\mathrm{\&Delta;}}_{i,S_x^{\&prime;}}\left(0\right)}\\ =\underset{z\&Element;S_x}{\&Pi;}{(e,{(g,g)}^{{\mathrm{rq}}_z\left(0\right)})}^{{\mathrm{\&Delta;}}_{i,S_x^{\&prime;}}\left(0\right)}\\ =e{(g,g)}^{r\underset{z\&Element;S_x}{\&Sigma;}{q}_x\left(0\right){\mathrm{\&Delta;}}_{i,S_x^{\&prime;}}\left(0\right)}\\ =e{(g,g)}^{{\mathrm{rq}}_x\left(0\right)}\end{array}$

S43: according to following formula, session key ciphertext CT is deciphered, obtain session key ck:

$\frac{\tilde{C}}{e(C,D)/A}=\frac{ck\&CenterDot;e{(g,g)}^{\mathrm{\&alpha;}s}}{e(h^s,g^{(\mathrm{\&alpha;}+r)/\mathrm{\&beta;}})/e{(g,g)}^{rs}}=\frac{ck\&CenterDot;e{(g,g)}^{\mathrm{\&alpha;}s}}{e(h^s,g^{(\mathrm{\&alpha;}+r)/\mathrm{\&beta;}})/e{(g,g)}^{rs}}=ck$

S44: according to deciphering the session key ck and shared data E that obtain _ck(M), deciphering obtains data M.

The efficiency below above-mentioned cloud based on form attributes being stored to the access control method of ciphertext access control system is analyzed:

Definition with represent the point multiplication operation on group, C _erepresent Bilinear map computing.Order with middle length of element is respectively with it is finite field the length of upper element.Definition A _cthe property set that ciphertext c comprises, A _c1to be father node threshold value be the property set of 1 and N is the father node number satisfied condition, A _c2the property set that father node threshold value is greater than 1, so have | A _c|=| A _c1|+| A _c2|.Definition A _ube user property collection, S represents that the minimal attribute set meeting access structure closes.The efficiency comparative of the present invention and classical BSW07 scheme is analyzed as follows shown in table 2:

Table 2

According to as above table 2, contrast BSW07 scheme and the present invention, private key length of the present invention is slightly long.But, the ciphertext length in BSW07 scheme, computation degree all with | A _c| relevant, and the ciphertext length of institute of the present invention extracting method, computation degree, deciphering amount of calculation all with | A _c2| relevant, due to | A _c| > | A _c2|, so the present invention significantly improves communication and the computational efficiency of ciphertext access control method.

If data owner adopts access structure tree as shown in Figure 3 to perform ciphering process, the ciphertext length of BSW07 scheme is computation degree is the ciphertext length of the inventive method is computation degree is meanwhile, access structure tree in or the more efficiency improvements of door more remarkable.

In sum, cloud based on form attributes provided by the invention stores in ciphertext access control system and access control method thereof, data owner is in ciphering process, whether the threshold value setting father node corresponding to each leaf node upper according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, be uploaded to high in the clouds according to classification results to after data encryption afterwards.Like this, the ciphertext length that data owner obtains, the deciphering amount of calculation of computation degree and follow-up sharing users with father node threshold value be not all only 1 community set relevant, and in access structure tree, threshold value is 1 corresponding or door, otherwise corresponding and door, therefore can say, overhead is relevant with the community set of door with father node, when access structure tree in or door increase time, relative to existing CP-ABE scheme, the calculation cost of system and communication overhead will greatly reduce, thus secret protection can be provided for user more efficiently, data sharing and access control service.

One of ordinary skill in the art will appreciate that all or part of step realized in above-described embodiment method is that the hardware that can control to be correlated with by program completes, described program can be stored in a computer read/write memory medium, described storage medium, as ROM/RAM, disk, CD etc.

The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any amendments done within the spirit and principles in the present invention, equivalent replacement and improvement etc., all should be included within protection scope of the present invention.

Claims (6)

1. the cloud based on form attributes stores a ciphertext access control system, and it is characterized in that, described system comprises:

The management end run by authentication center, for generate and to each validated user dispatch user private key, described private key for user is associated with the attribute of respective user;

The client run by user, for when uploading data to high in the clouds, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, each leaf node is classified, and further according to the difference of father node type, the set that the threshold value of father node is the leaf node of 1 is classified, afterwards according to classification results to described session key to obtain session key ciphertext, afterwards by described session key ciphertext and encryption after data upload to high in the clouds, also for when from high in the clouds downloading data, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, session key is obtained by session key decrypt ciphertext, utilize afterwards and decipher the shared data that the described session key obtained deciphers described correspondence.

2., as claimed in claim 1 based on an access control method for the cloud storage ciphertext access control system of form attributes, it is characterized in that, described method comprises:

Authentication center's operational management end, generation system PKI and main private key, be uploaded to high in the clouds by described system PKI;

Authentication center's operational management end, joins request according to the system that user sends, and whether authenticated user is validated user, and when user is validated user, calculates the private key for user of user, and be distributed to user;

Data owner running client, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, classifies to each leaf node, and further according to the difference of father node type, classify to the set that the threshold value of father node is the leaf node of 1, afterwards according to classification results to described session key to obtain session key ciphertext, afterwards by described session key ciphertext and encryption after data upload to high in the clouds;

Sharing users running client, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, obtain session key by session key decrypt ciphertext, utilize afterwards and decipher the shared data that the described session key obtained deciphers described correspondence.

3., as claimed in claim 2 based on the access control method of the cloud storage ciphertext access control system of form attributes, it is characterized in that, the step of described generation system PKI and main private key comprises the following steps:

Definition the Bilinear Groups of prime number p that to be rank be, g is generator, definition bilinear map a hash function, the attribute space U={U of define system ₁..., U _m, for with community set S, described community set definition Lagrange coefficient ${\mathrm{\&Delta;}}_{i,S}=\underset{j\&Element;S,j\&NotEqual;i}{\&Pi;}\frac{x-j}{i-j};$

Input security parameter λ, selects random number and calculate h=g ^β, u=g ^αwith v=e (g, g) ^α, and then according to formula obtain system PKI PK, and obtain main private key MK according to formula MK=(β, u).

4., as claimed in claim 3 based on the access control method of the cloud storage ciphertext access control system of form attributes, it is characterized in that, the step of the private key for user of described calculating user comprises the following steps:

Authentication center utilizes described attribute space U, according to role or the identity of user, for user distributes corresponding community set S, and described community set

Input the community set S of main private key MK and user, for user chooses random number and choose random number for each attribute j ∈ S' in community set S private key for user SK is calculated according to following formula:

$\begin{array}{c}SK=(D=g^{(\mathrm{\&alpha;}+r)/\mathrm{\&beta;}},\\ \&ForAll;j\&Element;S:D_j=g^r\&CenterDot;H{\left(j\right)}^{r_j},{\tilde{D}}_j=g^r\&CenterDot;H{\left(type\right(j\left)\right)}^{r_j},D_j^{\&prime;}{g}^{r_j})\end{array}$

Wherein, type (j) is the form class at attribute j place, and D is Bilinear Groups on element, D _jfor Bilinear Groups on element, for Bilinear Groups on element, D' _jfor Bilinear Groups on element.

5. as claimed in claim 4 based on the access control method of the cloud storage ciphertext access control system of form attributes, it is characterized in that, described data owner running client, the data decimation session key that need upload is encrypted, whether the threshold value setting father node corresponding to each leaf node afterwards according to access structure is 1, each leaf node is classified, and further according to the difference of father node type, the set that the threshold value of father node is the leaf node of 1 is classified, afterwards according to classification results to described session key to obtain session key ciphertext, afterwards the step of the data upload after described session key ciphertext and encryption to high in the clouds is comprised the following steps:

Data owner running client, chooses session key ck, and adopts symmetric encipherment algorithm to encrypt the data M that need upload, and obtains the data E after encrypting _ck(M);

Input system PKI PK, session key ck and access structure are set access structure is set in each node x, arranging its child nodes number is num _x, arranging its threshold value is t _x, and have 0 < t _x≤ num _x, defining polynomial q _xdegree be d _x, and d _x=t _xthe child nodes of-1, node x successively marking serial numbers is 1 ..., num _xindex (x) is the sequence number of return node x, att (x) is for returning the attribute be associated with node x, and the form class that type (att (x)) is return attribute att (x) place, sets for access structure afterwards root node, choose random number and set q _r(0)=s, further Stochastic choice d _rindividual child node carrys out complete definition multinomial q _r, access structure is set other node x except root node, setting q _x(0)=q _parent(index (x)), further Stochastic choice d _xindividual child node carrys out complete definition multinomial q _x;

Access structure is set leaf node x, if the threshold value t of father node parent (x) of leaf node x _{parent (x)}=1, then q _x(0)=q _{parent (x)}(0), Y is made ₁for access structure tree in the set of such leaf node, Y ₂it is access structure tree the set of the leaf node of middle remainder, and further according to Y ₁in the difference of father node type of each leaf node, by Y ₁be divided into Y ₁₁, Y ₁₂,

According to following formula to session key, calculate session key ciphertext CT:

Wherein, for the calculating to session key, C is the calculating to root node, C _yfor the calculating to property value corresponding to attribute y, C' _yfor the calculating to attribute y place form class;

By the data E after session key ciphertext CT and encryption _ck(M) high in the clouds is uploaded to.

6. as claimed in claim 5 based on the access control method of the cloud storage ciphertext access control system of form attributes, it is characterized in that, described sharing users running client, from high in the clouds download session key ciphertext and corresponding shared data, and when the attribute be associated with own user private key meet access structure set time, obtain session key by session key decrypt ciphertext, the step that the described session key utilizing deciphering to obtain afterwards deciphers the shared data of described correspondence comprises the following steps:

Sharing users running client, from high in the clouds download session key ciphertext CT and corresponding shared data E _ck, and the private key SK corresponding to community set S that has of input system PKI PK, user (M) _s, and key ciphertext CT;

Sharing users calls predefined recursive function if the community set S of sharing users meets access structure tree then secure processing device encrypts information A is:

$A=DecryptNode(CT,SK,R)=e{(g,g)}^{{\mathrm{rq}}_R\left(0\right)}=e{(g,g)}^{rs};$

According to following formula, session key ciphertext CT is deciphered, obtains session key ck:

$\frac{\tilde{C}}{e(C,D)/A}=\frac{ck\&CenterDot;e{(g,g)}^{\mathrm{\&alpha;}s}}{e(h^s,g^{(\mathrm{\&alpha;}+r)/\mathrm{\&beta;}})/e{(g,g)}^{rs}}=\frac{ck\&CenterDot;e{(g,g)}^{\mathrm{\&alpha;}s}}{e(h^s,g^{(\mathrm{\&alpha;}+r)/\mathrm{\&beta;}})/e{(g,g)}^{rs}}=ck;$

According to deciphering the session key ck and shared data E that obtain _ck(M), deciphering obtains data M.