
Data access control method and system using attribute-based password for secure and efficient data sharing in cloud environment


Abstract

The present invention discloses a data access control method and system using attribute-based encryption for safe and efficient data sharing in a cloud environment. A data access control method using attribute-based encryption for safe and efficient data sharing in a cloud environment according to an aspect of the present invention comprises: managing, by a TTP server, user information registered by a user, and generating a public key, a master key and a secret key; transmitting, by the TTP server, the generated public key to a data owner unit and a user unit, respectively, and transmitting the master key and the private key to the user unit; encrypting, by the data owner unit, the data transmitted from the TTP server and uploading the data to the cloud storage, by creating an access structure based on the information received from the TTP server and the attribute of the user unit capable of accessing its own data in the cloud environment; generating, by the user unit, a token for accessing the cloud using the information received from the TTP server, and accessing the cloud storage; performing, by the AC server, partial decryption when the attribute of the access structure specified in the ciphertext to be accessed by the user unit matches the user attribute, thereby generating a key element necessary for final decryption, and transmitting it to the user unit together with the ciphertext; and blocking, by the AC server, access to the cloud storage with information previously owned by a withdrawn user, by canceling the attribute of the withdrawn user. The AC server is characterized in that the size of the ciphertext is not proportional to the number of attributes and a predetermined size is output.

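Bibliographic details

  • Publication number: KR102298266B1

  • Publication date: 2021-09-06

  • Original format: PDF

  • Applicant/patentee: 순천향대학교 산학협력단

  • Application number: KR20190145613

  • Inventors: 황용운; 이임영

  • Filing date: 2019-11-14

  • Classification: H04L9/08; H04L29/06; H04L9/32

  • Country: KR

  • Added to database: 2022-08-24 20:51:39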
