Data access control method and system using attribute-based password for secure and efficient data sharing in cloud environment

摘要

The present invention discloses a data access control method and system using an attribute-based password for safe and efficient data sharing in a cloud environment. A data access control method using an attribute-based password for safe and efficient data sharing in a cloud environment according to an aspect of the present invention, a TTP server, manages user information registered by a user, and includes a public key and a master key. Generating a secret key; Transmitting, by a TTP server, the generated public key, master key, and private key to a data owner unit and a user unit; Encrypting the data and uploading the data to the cloud storage by creating an access structure, by the data owner unit, based on the information transmitted from the TTP server and the attribute of the user unit that can access the data in the cloud environment; Generating a token for accessing the cloud by the user unit using the information transmitted from the TTP server and accessing the cloud storage; When the AC server compares the attribute of the access structure specified in the ciphertext to be accessed by the user and matches the attribute of the user, partial decryption proceeds to generate a key element required for final decryption, and transmits it to the user unit together with the cipher text; And blocking, by the AC server, releasing the attribute of the withdrawn user from accessing the cloud storage with the information previously held by the withdrawn user.