1 (School of Data and Target Engineering, PLA Information Engineering University, Zhengzhou 450001, China)
2 (School of Software and Applied Technology, Zhengzhou University, Zhengzhou 450001, China)
Abstract: To meet the requirements for secure sharing of data with varying levels of sensitivity in cloud storage, a hierarchical key distribution and data encryption scheme (CloudMLS) based on linear geometry was proposed, which enforces a multi-level security access control strategy that satisfies the Bell-LaPadula (BLP) model. By separating the read key from the write key, CloudMLS achieves flexible authorization of read and write access, and limits users' encryption and decryption capabilities based on their security class, in order to meet the “no read up” and “no write down” characteristics of the BLP model. In addition, CloudMLS's ciphertext and key updating algorithm for when the access policy dynamically changes was also presented. The comparative analysis of security and efficiency shows that the scheme reduces the computational overhead by calculating the lower security classes' read keys, and that it is message-indistinguishable against chosen-plaintext attack (CPA).