부산대학교 도서관

As file management is widely used in e-government and enterprise office, the file exchange, as the main means of sharing and collaborating in office, has been far from able to meet the needs of data security. Encrypted Storage with its highly security, controllability, can be an effective solution to the limitations of existing authority control services. However, during the data sharing and exchange, the file is separated from the owner, which has the problem of insufficient or over -authorization, thus needs fine-grained hierarchical control and cooperation. In this article, we propose a hierarchical management and control scheme for encrypted storage combined with ciphertext retrieval. The proposed scheme supports top-down privilege division without increasing the number of managed keys, all the data are processed and authorized strictly, the high-level user can deduce the keys of lower authorized users, but not vice versa, thus solving data leakage caused by over-authorization. Through performance and security analysis, we demonstrate that the scheme can better meet the data security and precise authorization requirements.