Abstract

Abstract: Protecting data and managing data accessin a public cloud storage system is a difficult task. Cipher text PolicyAttribute-Based Encryption (CP-ABE) is a promising technique for providingversatile, fine-grained, and secure data access control for cloud storage withhonest-but-suspicious cloud servers. When a CP-ABE scheme is used in alarge-scale cloud storage system, however, numerous works have been proposed inwhich the single attribute authority must conduct the time-consuming userlegitimacy verification and hidden key distribution, resulting in asingle-point performance bottleneck. Clients can be trapped in line for a longtime to receive their mystery keys, resulting in the framework's inefficiency.Despite the fact that multi authority access control proposals have beenproposed, these plans are still unable to overcome the drawbacks ofsingle-point bottleneck and low performance, due to the way each authoritystill deals with a disjoint characteristic set independently. In this paper, anovel heterogeneous architecture is proposed to solve the problem of a singlepoint performance bottleneck and provide a more robust access control schemewith auditing capabilities. Multiple attribute authorities are used in thissystem to spread the burden of user legitimacy verification. Meanwhile, a CA(Central Authority) is implemented in this scheme to produce hidden keys forvalidity checked users, and each of our scheme's authorities manages the entireattribute collection individually. This system increases key generationefficiency while still meeting security requirements.

Keywords: CA(Central Authority); Cipher text Policy Attribute-Based Encryption (CP-ABE);attribute authorities (AAs); Location-aware attribute-based access controlsystem (LABAC).