文摘
Video on demand (VoD) is a popular application on the Internet. In the past few years, more and more VoD services are shifted to cloud. Although this transformation introduces many benefits, it arouses new challenges of data security due to the outsourcing storage on untrusted cloud servers. For satisfying the requirements of fine-grained access control in cloud, Attribute-Based Encryption (ABE) algorithms are applied to this field. However, due to the large number of videos and users in cloud, there exist frequent subscribing/unsubscribing behaviors and numerous categories, which induce the challenges for higher flexibility and efficiency. Most of existing schemes do not discuss these challenges sufficiently. In this paper, we propose an ABE-based Secure Independent-update Concise- expression Access Control (SICAC) scheme in Cloud, to provide flexible and efficient authentication and authorization for VoD services. In the aspect of access policy update, to guarantee that users cannot affect each other, we design an independent-update key policy ABE (KP-ABE) algorithm which allows users to update their keys separately, while most of existing schemes require that all members of a group should be updated simultaneously. In the aspect of attribute description, to reduce the storage cost, we propose a concise-expression access structure which can describe various logic relationships flexibly and efficiently. The security is proved in standard model and the experiment is implemented with Pairing-Based Cryptography(PBC) library. Both the theoretical analysis and the experimental results show that our scheme is efficient and effective for VoD services in cloud.