Data access privilege managing method and apparatus

PURPOSE: A data access right managing method and an apparatus thereof are provided to secure confidentiality of data by separating/dispersing/storing a data file stored in a cloud server into a header and a body. CONSTITUTION: A data owner terminal(100) encodes a data file into a symmetric key and obtains an encoded text consisting of a header and a body. The data owner terminal encodes the symmetric key in a KP-ABE(Key Policy Attribute Based Encryption) mode and is included in a header of the encoded text. A right manager terminal(210) stores a header of the encoded text and certifies the validity of a user through a system user list.