Abstract
The present invention relates to a system and a method for cloud data access control using attribute-based encryption. The system includes a cloud data center which, in response to a request for user authentication and a secret key SK from a user terminal, generates an attribute set L of the user, computes the SK from a master key MK and the attribute set L, and transmits the generated SK to the user terminal; which, in response to a data access request message transmitted from the user terminal, compares the attribute set L of the user with an access structure AS of the data to check access rights to the data; and which transmits an encoded data encryption key and the encoded data to the user terminal when the access rights are confirmed. According to the present invention, the key management problem can be solved because a user has to manage only one SK, distributed from an access control center, as the key for decoding cloud data, and access to decodable data can also be controlled by including the user's attribute set in the distributed SK.
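The access check described in the abstract, sketched as an added example that is not part of the patent text: the data center compares a user's attribute set L with a record's access structure AS and releases the stored ciphertexts only on a match. The threshold-tree form of AS, the attribute strings, the function names and the record layout are all assumptions, and the byte strings are placeholders because no attribute-based encryption is performed here.

```python
# Added illustration; not code from the patent. The threshold-tree form of AS,
# the attribute names and the record layout are assumptions.

def satisfies(node, attrs):
    """Return True if attribute set `attrs` (L) satisfies access structure `node` (AS).

    A leaf is an attribute string. An interior node is (k, [children]):
    a k-of-n threshold gate, so k == n acts as AND and k == 1 acts as OR.
    """
    if isinstance(node, str):
        return node in attrs
    k, children = node
    if not 1 <= k <= len(children):
        raise ValueError(f"invalid threshold {k} for {len(children)} children")
    # Evaluate every child so malformed subtrees are rejected, not skipped.
    met = sum(satisfies(child, attrs) for child in children)
    return met >= k


def handle_access_request(attrs, record):
    """Data-center side of a data access request: release the stored
    ciphertexts only when L satisfies the record's AS, otherwise nothing."""
    if not satisfies(record["AS"], frozenset(attrs)):
        return None
    return record["enc_dek"], record["enc_data"]


# Constructed sample record. The byte strings stand in for real ciphertexts.
RECORD = {
    # 2 of: finance department, (manager OR auditor), high clearance
    "AS": (2, ["dept:finance", (1, ["role:manager", "role:auditor"]), "clearance:high"]),
    "enc_dek": b"<encrypted data encryption key>",
    "enc_data": b"<data encrypted under the data encryption key>",
}

if __name__ == "__main__":
    for L in ({"dept:finance", "role:auditor"},
              {"dept:finance", "role:intern"},
              {"role:manager"}):
        released = handle_access_request(L, RECORD) is not None
        print(sorted(L), "->", "released" if released else "denied")
```

This gate only decides whether ciphertexts are sent; in an attribute-based scheme the SK itself can recover the data encryption key only when its embedded attributes satisfy AS.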