Journal of Jilin University (Information Science Edition) ›› 2025, Vol. 43 ›› Issue (5): 1101-1110.

Hierarchical Access Control of Cloud Computing Resources Based on CP-ABE Combined with Asymmetric Encryption Algorithm

ZHAO Linying, WANG Chao

  1. School of Intelligent Engineering, Huanghe Jiaotong University, Jiaozuo 454000, China
  • Received: 2024-04-28 Online: 2025-09-28 Published: 2025-11-20
  • About the author: ZHAO Linying (born 1988), female, from Pingdingshan, Henan; teaching assistant at Huanghe Jiaotong University; mainly engaged in computer technology research. (Tel) 86-15821866148 (E-mail) zly25462023@163.com.
  • Funding:
    Key Scientific Research Fund Project of Higher Education Institutions of Henan Province (25B520042); National Higher Vocational Colleges Information Technology Course Teaching Reform Research Fund Project (KT2024104); Huanghe Jiaotong University First-Class Major Fund Project (HHJTXY-2023ylzy02); Huanghe Jiaotong University First-Class Course Fund Project (HHJTXY-2022ylkc45)

Abstract: Cloud computing environments involve complex scenarios such as multi-tenancy and multi-level security requirements, and existing access control strategies struggle to meet the needs of different users and applications, resulting in low resource access security and long encryption and decryption times. To address these problems, ciphertext-policy attribute-based encryption (CP-ABE: Ciphertext-Policy Attribute-Based Encryption) is combined with the asymmetric encryption algorithm RSA (Rivest-Shamir-Adleman) to study hierarchical access control of cloud computing resources. A CP-ABE access control architecture is established and an encrypted access policy is formulated. On this basis, trust values related to hierarchical access to cloud computing resources are used to clarify the access trust relationship and to obtain the degree of trust between the access subject and the object resource. Users are then granted hierarchical authorization according to the calculated trust values, to meet multi-tenant and multi-level security requirements. Finally, based on the results of hierarchical authorization by user identity, the RSA algorithm is used in place of the complex bilinear mapping of CP-ABE for encryption and decryption, achieving precise control of hierarchical resource access and reducing encryption and decryption time. Experimental results show that the proposed method can reach 400 concurrent connections, that the maximum over-authorization rate for hierarchical access is 6.8%, and that the access control response time can be kept within 6 s. The method effectively meets the needs of multi-tenant, multi-level security application scenarios and provides good hierarchical access control of cloud computing resources.

Key words: improved attribute-based encryption, cloud computing, precise access control, trust level, graded authorization

CLC number:

  • TP301.6