Abstract
Access control technology is one of the key technologies to ensure safe resource sharing. Identity authentication and authority distribution are two key technologies for access control technology to restrict unauthorized users from accessing resources and resources can only be accessed by authorized legal users.However, user privacy protection and frequent permission changes are two thorny issues that need to be solved urgently by access control technology. To deal with these problems, this paper proposes a dynamic access control technology based on privacy protection. Compared with existing access control technologies, the main advantages of this paper are as follows: 1) encrypt and hide the attributes of entities, and use attribute-based identity authentication technology for identity authentication, which not only achieves the purpose of traditional identity authentication, but also ensures the attributes and privacy of entities are not leaked; 2) Binding resource access permissions with entity attributes, dynamically assigning and adjusting resource access control permissions through changes in entity attributes, making resource access control more fine-grained and more flexible. Security proof and performance analysis show that the proposed protocol safe under the hardness assumption of the discrete logarithm problem (DLP) and the decision bilinear Diffie-Hellman (DBDH) problem. Compared with the cited references, it has the advantages of low computational complexity, short computational time, and low communication overhead.
T-RBAC based Multi-domain Access Control Method in Cloud
