Multi-security-level cloud storage system based on improved proxy re-encryption

Abstract

Based on the characteristics and data security requirements of the cloud environment, we present a scheme for a multi-security-level cloud storage system that is combined with AES symmetric encryption and an improved identity-based proxy re-encryption (PRE) algorithm. Our optimization includes support for fine-grained control and performance optimization. Through a combination of attribute-based encryption methods, we add a fine-grained control factor to our algorithm in which each authorization operation is only valid for a single factor. By reducing the number of bilinear mappings, which are the most time-consuming processes, we achieve our aim of optimizing performance. Last but not least, we implement secure data sharing among heterogeneous cloud systems. As shown in experiment, our proposed multi-security-level cloud storage system implements services such as the direct storage of data, transparent AES encryption, PRE protection that supports fine-grained and ciphertext heterogeneous transformation, and other functions such as authentication and data management. In terms of performance, we achieve time-cost reductions of 29.8% for the entire process, 48.3% for delegation and 47.2% for decryption.