In cloud computing platform Hadoop, because user data stored in the cloud is not a controllable domain, so how to protect the important data of user confidentiality and legally is an issue of most concern. In traditional public encrypt mechanism, the encryption resource provider needs obtain all relevant information of user, it will damage the user's privacy certainly, and it will need more bandwidth and large processing overhead. To solve this issue described above, we proposed a new security access control solution for Hadoop based on CP-ABE, in our solution the CP-ABE use multiple attributes (collection of properties) to identify a user, rather than use a only identity information, and theoretical analysis showed that our CP-ABE based solution can avoid obtaining user complete information and enhanced security for user accessing file on Hadoop.
[1]
Robert H. Deng,et al.
Fully Secure Cipertext-Policy Hiding CP-ABE
,
2011,
ISPEC.
[2]
Dalit Naor,et al.
Broadcast Encryption
,
1993,
Encyclopedia of Multimedia.
[3]
Brent Waters,et al.
Fuzzy Identity-Based Encryption
,
2005,
EUROCRYPT.
[4]
Hairong Kuang,et al.
The Hadoop Distributed File System
,
2010,
2010 IEEE 26th Symposium on Mass Storage Systems and Technologies (MSST).
[5]
Brent Waters,et al.
Attribute-based encryption for fine-grained access control of encrypted data
,
2006,
CCS '06.
[6]
Amos Fiat,et al.
Broadcast Encryption
,
1993,
CRYPTO.
[7]
Matthew K. Franklin,et al.
Identity-Based Encryption from the Weil Pairing
,
2001,
CRYPTO.