Time and Attribute Based Dual Access Control and Data Integrity Verifiable Scheme in Cloud Computing Applications

Abstract

In the era of big data, cloud-based industrial applications can provide available and convenient data access for resource-constrained smart devices. Attribute-based encryption can be used to ensure data security while providing fine-grained data access. However, current attribute-based encryption schemes rarely consider the access control of time, and the integrity verification of data simultaneously. In response to the above two problems, we propose a time and attribute based dual access control and data integrity verifiable scheme in cloud computing applications (DCDV). Firstly, a hierarchical time tree is introduced in the attribute-based encryption technology by using of hierarchical identity-based encryption technology to set an effective access time period and a specified decryptable time period for the user's attributes key and encrypted data separately. The decryption operation can only be performed if the attribute set of user satisfies the data owner's access policy and the effective access time period of the user's attributes key completely covered the decryption time period set by the data owner. In this way, the data is dual controlled with time and attributes to solve the problem of privacy data leakage caused by private key leakage. Secondly, by using of the inverted index and Merkle hash tree, the data verification tree is designed. The data user can verify the integrity of the ciphertext data returned by the cloud server without decryption, which solves the problem that the cloud server may delete or modify the data. Finally, the security proof and efficiency analysis show that our scheme is secure and practical.