CN104780174A - Safe content access method - Google Patents

Abstract

The invention provides a safe content access method used for encrypting a file in a cloud computing environment. The safe content access method comprises the following steps: updating a secrete key through re-encryption to prevent a server from acquiring the plaintext information of file data of a database side; executing an access control policy according to an access control matrix to prevent a user from performing unauthorized file access. According to the safe content access method, the safety performance cost of cloud storage is further safely and effectively reduced, the maintenance quantity of the database side is decreased, and an efficient secrete key and data updating policy is constructed.

Description

A kind of content safety access method

Technical field

The present invention relates to cloud security, particularly a kind of content safety access method stored for cloud.

Background technology

Cloud is stored as a kind of emerging service form and configures with its elasticity, buys as required, is easy to the storage selection that the advantages such as maintenance become numerous tissue.But under cloud memory module, data have departed from the control range of user, which results in the worry of user to server reliability and Information Security.For example, along with the development of intelligent medical treatment, medical platform based on cloud computing is widely used by medical institutions, the sensitive data produced in medical science and medical treatment needs to ensure storage security, and now ciphertext access control is the important method improving medical personnel's data confidentiality under cloud memory module He realize fine-granularity access control.Huge and in the tissue that the access rights of department internal staff to resource are basically identical in staff size, if still each user can be wasted a large amount of computational resources and storage resources as independent access control unit.Authority renewal rewards theory frequently may be there is in high security level data, now data owner also need upgrade from server retrieves data and key ciphertext and upload onto the server, and distribute new key to user, obvious data are again encrypted and newly-generatedly with key reconsul are brought serious performance cost to database side, reduce entire system treatment effeciency.Therefore, key management that the frequent policy update of high secure data under huge userbase brings to database side how is effectively reduced and Data Update performance cost is ciphertext access control problem demanding prompt solution.Although cipher key index tree effectively reduces the cost that part authority upgrades in the scheme of existing support dynamic strategy, but the key maintenance cost of user is still very high, simultaneously under authority update status, the renewal of high security level data still needs to be completed by database side, does not securely and effectively reduce the cost of data management.

Summary of the invention

For solving the problem existing for above-mentioned prior art, the present invention proposes a kind of content safety access method, for being encrypted file in cloud computing environment, it is characterized in that, comprising:

Complete the renewal of key by encryption mechanism again, prevent server from obtaining the cleartext information of database side file data;

Perform access control policy according to access control matrix, prevent user's unauthorized access file.

Preferably, described cloud computing environment comprises database side, user side and Cloud Server, and described database side comprises key tree and builds module, file permission update module, data management module, update of role module, again encryption key module; Wherein key tree builds the cipher key index tree that module is used for converting to according to access control matrix correspondence; Described update of role module is used for user role and upgrades, and process key upgrades and Data Update simultaneously; File permission update module for authorizing or cancelling the access rights of role R to file f, and upgrades relevant authentication, key, data; The rk of encryption key again of the described spanned file of encrypting module again key kf, and passed to the encryption again that server completes file symmetric key; The encryption that data management module realizes data is uploaded, and completes Data Update according to double layer encryption strategy; User side include file access modules, utilizes user role key and associated authentication information acquisition decruption key to obtain cleartext information.

Preferably, described double layer encryption strategy comprises further:

When authority removal process file authority odd-times changes, not backspace file data, only complete the renewal of key by encryption mechanism again, the outer encryption key of server by utilizing role is encrypted again to file cipher text simultaneously, and the key preserved before the user after cancelling to prevent authority utilizes obtains plaintext document; When even-times, the ciphertext that database side obtains double layer encryption is decrypted and file re-encrypted, utilizes simultaneously and has again encrypted key updating.

The present invention compared to existing technology, has the following advantages:

This method reduce the complexity of database side maintenance key, improve key safety; Cryptographic tasks is transferred to server to perform, reduce the expense of key updating.Meanwhile, the present invention utilizes the encryption policy of improvement to reduce the return frequency of data as far as possible, saves computing cost and communication overhead from key and data two aspects.

Accompanying drawing explanation

Fig. 1 is the flow chart of the content safety access method according to the embodiment of the present invention.

Embodiment

Detailed description to one or more embodiment of the present invention is hereafter provided together with the accompanying drawing of the diagram principle of the invention.Describe the present invention in conjunction with such embodiment, but the invention is not restricted to any embodiment.Scope of the present invention is only defined by the claims, and the present invention contain many substitute, amendment and equivalent.Set forth many details in the following description to provide thorough understanding of the present invention.These details are provided for exemplary purposes, and also can realize the present invention according to claims without some in these details or all details.

An aspect of of the present present invention provides a kind of content safety access method.Fig. 1 is the content safety access method flow chart according to the embodiment of the present invention.For the integrity problem of server, the present invention adopts mainstream applications context service device, and server correctly performs the access control policy proposed in embodiment, but can attempt the cleartext information obtaining data.The user of malice may be there is simultaneously in user, attempt the not one's own fileinfo of unauthorized access.Therefore, the present invention mainly prevents server from obtaining cleartext information and these two kinds of attack patterns of user's unauthorized access file of database end data.

The present invention utilizes index tree to retain its policy update advantage, and on its basis resource group and role are classified as to resource and user, and reduce the complexity of database side maintenance key further in conjunction with key computing (authentication) mechanism, available protecting node key and file encryption key; In order to access control policy upgrades the key updating cost brought, cryptographic tasks is transferred to server to perform, database side only needs the newly-generated task of service portion key, save communication overhead and computing cost in a large number like this, compensate for index tree authority and cancel the shortcoming that in process, key updating cost is large.Meanwhile, in order to improve the efficiency of Data Update, the present invention utilizes double layer encryption strategy to reduce the return frequency of data in policy update as far as possible.The present invention saves computing cost and communication overhead from key and data two aspect respectively, supports dynamically updating of access control policy better.

Lower mask body introduces 3 importances of the present invention: the strategy that construction method, the again encipherment scheme of cipher key index tree and file data upgrade.

The structure of 1 cipher key index tree

Before structure cipher key index tree, the present invention needs user identical for access rights in access control matrix to be classified as same role (R), the resource that access object is identical is classified as same secure resources group (SC), reduce key maintenance by sorting out, and the common factor guaranteeing not have respectively between role and secure resources group user and file is namely: and i ≠ j.Owing to just sorting out user and resource herein, therefore, the reliability of conversion process and completeness are satisfied.

Index tree sort out basis on can reduce key maintenance in access control further, but user still needs to safeguard multiple key, needs maintenance 2 in worst case ^{| R|-1}individual key.In model of the present invention, index tree leaf node and SC one_to_one corresponding, the key of non-leaf nodes is that symmetric key is for the formation of authentication, the key that leaf node is corresponding is unsymmetrical key, for the symmetric key of encrypt asset, this will be conducive to the renewal cost of the file key reduced in dynamic strategy.On this basis, the present invention utilizes and carries out framework improvement based on the key operation method of authentication to index tree, and distributes unique role key for user, and the cipher key index built based on key computing is set.Authentication information safety all in a model also can disclose, database side can leave itself and resource in burden that server end reduces database side, greatly improve key safety, user can calculate the key of All Files in extent of competence according to unique role key and relevant authentication simultaneously, decreases the key maintenance of user and data owner's database side.

In key tree, suppose key k _iand k _jfather node v respectively _iwith child nodes v _jkey, then authentication T _i, j=k _j⊕ h (k _i), wherein ⊕ is xor operation, and h is an One-way Hash function, therefore, anyly holds father node key k _iuser, utilize to calculate and obtain h (k _i), and by calculating k _j=h (k _i) ⊕ T _{i, j}obtain child node v _jkey k _j.

Definition 1.Key operation function F.Cipher key sets is designated as κ, and authentication set is designated as T.Direct key operation function F: κ → 2 κ represents by key k _ithe set of all keys formations of direct computing, is defined as F (k _i)={ k _j| k _j∈ κ, t _{i, j}∈ T}.Key operation function F*: κ → 2 κ represents all cipher key sets by direct computing or computing indirectly, is defined as F (k _i) *={ k _m| k _m∈ κ, k _j∈ κ, k _t∈ κ ..., (T _{i, j}..., T _{t, m}) ∈ T}.

Definition 2.Asset keys partition function φ.File set is designated as File and the set of leaf node unsymmetrical key is designated as κ ^*, asset keys partition function φ: f → κ ^*represent and distribute unique asymmetric cryptographic key to the symmetric key of any file f, be defined as φ (f)=k _jif, k _j∈ κ ^*, f ∈ SC _i, ACSi=Pk _j, wherein ACS _ifor the access control vector binary representation of f, pk _jrepresent from root node to counterpart keys k _jleaf node path.

Definition 3.Role key distribution ξ.In index tree, role R can obtain cipher key sets and is on level corresponding to its access index tree $\mathrm{\α}\left(R_i\right)=\left\{k\right|\∀S{C}_j\mathrm{if}{A^{,}}_{\mathrm{ij}}=1\mathrm{ks}{c}_j\∈F{\left(k\right)}^{*}\}.$ Role key distribution function ξ: R → κ represents the key ξ (R that the user that distributes to role R is unique _i)={ k|F (k)=α (R _i).Therefore, the addressable cipher key sets of role R can be expressed as F ^*(ξ (R _i))={ k|k ∈ F (k _i) *, k _i∈ α (R _i).

Definition 4.Key management model . be defined as a tlv triple it completes management and the computing of key for whole system, is distributed ξ formed by key operation function F*, asset keys partition function φ, role key.

Key management model key distribution is carried out to respective nodes in the basis of index tree, authentication generates the structure realizing index tree, concrete steps are as follows:

1) after index tree is set up, in order to ensure effective work of model, this model is each the path node distributed key to leaf node from root node, and each key is the random symmetric key produced.Database side is that each secure resources component that leaf node is corresponding joins a unsymmetrical key.

2) according to the key situation of each branch in index tree, generate node authentication successively from top to bottom, and then be each role creation role key and cipher key sets if A ' _ij=1, ksc _j∈ F (k) ^*between all role's authentications, namely generate role key and the role's authentication between the right child nodes of corresponding Role hierarchy.

3) according to encryption policy file be encrypted and sign, and uploading onto the server.User can obtain the decruption key of file to obtain expressly according to authentication chain and the role key of self.In the process that the access strategy in later stage upgrades, correspondingly can upgrade corresponding authentication chain and key.

Key management model user access control matrix table is carried out role and resource to sort out, upload transformation key tree through the structure of index tree, the distribution of key, the encryption of file, enhance access control ability.By the method, database side only needs to safeguard root key and role key, and user only need safeguard a key i.e. role key belonging to it, greatly reduces the number of keys that database side needs to safeguard, and improves the fail safe of key.

2 encrypt again

On the basis of key tree, in order to access control policy is dynamically updated the file key that causes again encryption expenses transfer to server and perform, the present invention utilizes again cryptographic algorithm to upgrade the file key of leaf node asymmetric-key encryption.This algorithm file key ciphertext length is not again encrypted the increase of number of times with file and increases, and meets the demand of access control policy frequent updating, and server is performing the relevant information that cannot obtain plaintext in the process of again encrypting simultaneously.The formula again encrypted is as follows:

k’ _f(g ^bmod P) ^rmod P＝k _f(g ^amod P) ^rmod P k _f/k’ _f(g ^rmod P) ^a-b，

In formula, P is Big prime, Z ^* _pfor the multiplication loop group of mould P, g is cyclic group Z ^* _pgenerator, k _f, k ' _ffor key plain information, parameter a, b, r satisfy condition 1≤a, b, r≤P-2, and wherein a, b are private key, and r is encryption random parameter, wherein k ' f (g ^bmod P) ^rmod P, k _f(g ^amod P) ^rmod P is the latter half of the ciphertext that encryption kf, k ' f obtains, and first half is g ^rmod p.This algorithm will use PKI g ^athe kf ciphertext that mod P encrypts converts the g that uses public-key to ^bmod P encrypts the ciphertext that k ' f obtains, and can not reveal cleartext information and association key in this process.Encryption key formula is again

rk＝k _f/k’ _f(g ^rmodP) ^a-b。

Above-mentioned formula meets the character of again encrypting, and can ensure the file key safety of encryption.When strategy changes, database side only needs the relevant parameter k generating again encryption key _fk ' ^-1 _fand a-b, and passed to server the renewal that re-encrypted can complete key is carried out to file key, reduce access control policy and update to the burden that database side brings.

3 double layer encryption strategies

Above-mentioned mechanism can reduce the complexity administered and maintained of key effectively, but because data scale is large, symmetric cryptography need be adopted, and symmetric cryptography does not have effective mechanism of again encrypting, therefore, when policy update, need to return corresponding data ciphertext, by database side, related data is encrypted again, database side burden can be increased the weight of so widely.

Therefore, the present invention uses double layer encryption strategy to significantly reduce the Data Update cost of file size return frequency and database side.Main thought is by when authority removal process file authority odd-times changes, backspace file data only do not complete the renewal of key by encryption mechanism again, the outer encryption key of server by utilizing role is encrypted again to file cipher text simultaneously, and the key preserved before the user after cancelling to prevent authority utilizes obtains plaintext document; When even-times, the ciphertext that database side obtains double layer encryption is decrypted and file re-encrypted, utilizes simultaneously and has again encrypted key updating, which reduce the number of times that file data returns, and improves database side data management and upgrades cost.

In order to realize double layer encryption, server needs for each role in role set R safeguards an outer key, and is provided to the role of correspondence by escape way, and upgrades along with the outer key of change to role of authority number of undo levels.For the renewal process of Single document f description document and key.When file f odd-times authority reclaims, database side only needs spanned file key k _fthe rk of encryption key again (symmetric key of file f is constant), and send it to server and complete k _fencryption again.Server end upgrades corresponding outer key of cancelling role, and utilizes the new outer symmetric key of corresponding role to be encrypted file cipher text.When file f even-times authority reclaims, data ciphertext returns by database side, and regenerates file cipher text after carrying out 2 layers of deciphering, generates new file key k ' simultaneously _fwith ancient deed key k _fthe rk of encryption key again (symmetric key of file f changes), and send to server to complete file f key updating.

In order to supporting double-layer encryption policy, before files passe to server end, database side needs file data form to carry out relevant treatment,

Concrete processing procedure is as follows:

1) be ID that file allocation one is unique;

2) be the encryption key dk that file Stochastic choice one is symmetrical, and symmetric cryptography is carried out to file, utilize the hash value of the root key of database side to file to sign simultaneously;

3) file binary system path in index tree is deposited as file path, so that user obtains authentication chain, whether flag there is the mark of double layer encryption as file simultaneously, individual layer is only had to encrypt if flag is 0 expression, if be 1, comprise double layer encryption, be initially 0, server for encrypting once this value just increases 1.

Reduced the complexity of the renewal of key in dynamic strategy renewal by effective combination of key tree, again encryption mechanism, double layer encryption strategy, and effectively improve the efficiency of Data Update, reduce the administrative burden of database side.

The architectural framework that the present invention adopts comprises database side, user side and Cloud Server, and database side mainly comprises key tree and builds module, file permission update module, data management module, update of role module, again encryption key module; User side mainly comprises file access module.Wherein key tree builds module and converts corresponding key tree to according to access control matrix, and utilizes key calculation mechanism, reduce further key management complexity, improves the fail safe of key.Update of role module mainly realize user role upgrade, process simultaneously bring thus authentication renewal, key updating, Data Update.File permission update module primary responsibility is authorized or is cancelled the access rights of role R to file f, and upgrades relevant authentication, key, data.Encrypting module spanned file key k again _fthe rk of encryption key again, and passed to the encryption again that server completes file symmetric key, can the scene of effective adaptive strategy frequent updating.

The encryption that data management module mainly realizes data is uploaded, and completes Data Update according to double layer encryption strategy.The main include file access modules of user side utilizes user role key and associated authentication information acquisition decruption key to obtain cleartext information.The flow process journey of follow-up browsing process and strategy change will complete primarily of above-mentioned functions module.

In technical solution of the present invention, data access process is divided into parameter initialization, file distribution, distribute keys, obtains these 4 stages of file.In data access process, build module mainly through key tree realize the structure of key tree and the issue of file, utilize file access module to realize the access of file cipher text.

In the parameter initialization stage, the initialization of database side generation system open parameter Big prime P, territory Z ^* _p, generator g, random parameter r and g _rmod P.In the file distribution stage, build module construction key tree by key tree and realize the encryption issuing function of file.File f is increased newly in server process in database side, first be starting point to server request with root node, the authentication chain of path access control vector ACS (f) that is file f, then utilize the key dk of database side and authentication chain to calculate tail node key vk; Point 2 kinds of situations after obtaining key vk: if first the length of chain is equal with ACS (f) length, then illustrate in key tree there is corresponding secure resources group, directly utilizes vk to encrypt the symmetric key k of f _f, complete the encryption of file f by file encryption module and upload onto the server after signing.Otherwise, need the branch creating index tree according to ACS (f), create index tree node simultaneously and authentication chain is from top to bottom built to node distributed key, and utilize the asymmetric-key encryption file key kf of root node, finally utilize file encryption module to realize encryption and the signature of file, index tree nodal information, authentication chain, data and key ciphertext are uploaded onto the server.

In files passe process: 1) character is that the access rights that 1 role representing its correspondence has this file need to increase the role's authentication between corresponding role to this node; 2) key that cipher key index leaf nodes is corresponding is public private key pair (g ^xmod p, x), nonleaf node is that the random symmetric key produced is so need to judge whether this node is leaf node when creating new node.Concrete following file publishing method, wherein access control matrix converts cipher key index tree to through algorithm,

With access control matrix ACS (f), the symmetric key dk of database side as input,

1) authentication chain corresponding to file f is obtained according to ACS (f);

2) the key vk of joint of the chain tail is calculated;

3) if | ACS (f) | >| chain length |, perform step 4), otherwise perform step 6);

4) the dominant vector ACS (f) ' that chain lacks relative to ACS (f) is calculated;

5) corresponding according to ACS (f) ' successively character generating indexes tree left and right node, and be new node distributed key, last leaf node distribution public private key pair, form authentication from top to bottom, if be right node, generate role's authentication of corresponding role and this right node, the symmetric key k of last stochastic generation file f simultaneously _f;

6) encryption and signature that file encryption module realizes file and file key is called, and index tree node, authentication chain, role's authentication, file f and the key k that will newly create _fciphertext upload onto the server.The role of distribute keys phase data storehouse end belonging to user, by safe lane, role key rk corresponding for user is sent to all users, server is that user corresponding to each role distributes corresponding outer key rk '.

At acquisition document stage, file access module is utilized to obtain the plaintext of file.Access control vector ACS (f) of user role information R and file f is sent, the authentication chain that server backspace file is corresponding and file key ciphertext Ckf, file encryption parameter f lag, file cipher text C with user orientation server _f.When flag is 0, user utilizes the role key held to resolve authentication chain and obtains encrypt file key k _fkey, this key is that (private key is a to unsymmetrical key, and PKI is g ^amod P), and then utilize decipherment algorithm to obtain file key k _f, finally according to k _fobtain the plaintext of file f.When flag is 1, first obtains the ciphertext of file according to the outer infill layer of the outer secret key decryption of role, and then obtain the key k of file f _f, be decrypted and obtain file f clear data.

According to a further aspect in the invention, policy update mainly comprises file permission and upgrades, update of role two kinds of situations.Combine encryption key module, data management module again by authority update module and update of role module respectively to complete.

For file permission update status, file access authority upgrades and is divided into file access authority authorize and reclaim, and corresponding for role R in access control matrix corresponding for file f numerical value is become 0 file authorizing from 1 and then becomes 1 from 0 by authority recovery.For cipher key index tree, the essence that file access authority upgrades is file and the switching of file key between different secure resources group, therefore utilizes again encryption key CMOS macro cell encryption key (g again when access rights are authorized ^rmod P) ^a-b, now do not need transaction file key k _f, only need upgrade encryption k _fkey a, finally by server by file key k _fagain be encrypted to the key ciphertext of new key encryption; Not only need when authority is cancelled to upgrade encrypt file key k _fkey a, need to change file key kf into k ' simultaneously _f, finally also need to utilize double layer encryption policy update data ciphertext.File permission renewal process is specific as follows:

With file index ID, file source and destination access control vector sacl, dacl, policy update type type as input;

1) first sacl is obtained, the authentication chain schain that dacl is corresponding, dchain;

2) the key oldsk of the tail node of two authentication chains is obtained respectively, newsk;

3) if | dchain|<|dacl|, perform step 4), otherwise perform step 5);

4) utilize above-mentioned file publishing method to complete the generations such as index tree node corresponding to corresponding dacl and authentication chain, obtain the unsymmetrical key newsk ' of leaf node corresponding to this branch, and assignment is to newsk;

5) if type=0 need authorize, step 6 is performed) and step 7), otherwise expression is cancelled, and performs step 8);

6) encrypting module generates encryption parameter k again again _fk ' ^-1 _f, oldsk-newsk, generates rk=k by server end _f/ k ' _f(g ^rmod P) ^a-b;

7) if file f policy update parameter f lag=0, completed the encryption again of encrypt data by server, and flag is changed to 1; Otherwise obtain file f expressly by file access function, utilize new encryption key k ' _fgenerate new ciphertext and end of uploading onto the server, change flag into 0;

8) encrypting module generates encryption parameter parameter oldsk-newsk again again, generates rk=(g by server end ^rmod P) ^a-b.

For update of role situation, the role of user is become dr from sr by database side, and server returns all needs according to request and upgrades the authentication of node key, and namely returning sr can the node set common factor node that can not access of the node set of visit data and dr and authentication chain.

The set of authentication chain comprises following 3 kinds: containing leaf node authentication chain set LT, not containing leaf node authentication chain set NLT, role's authentication set RT.First obtaining role dr can not access node, then obtains the node set BN that set of node CN and dr that sr can access can not access, and to obtain from root node through the authentication chain of BN and CN to leaf node, is returned to database side.Database side is to the node in authentication chain between CN and BN again distributed key, and form new authentication chain from top to bottom, the file cipher text of secure resources group that simultaneously the similar authority mode batch process authentication chain of cancelling is corresponding and the renewal of the file key ciphertext of correspondence.

Update of role detailed process is as follows:

1) former role and object role R1, R2 is obtained;

2) R1 is obtained at L _r1in the cipher key node set CN that holds; Obtain R2 at L _r2the node set BN of the key do not held in layer;

3) searching loop CN and BN gets node n;

4) the preorder traversal index tree that is root node with node n, obtains L successively _r1layer and L _r2layer is all will the more node set of new key and authentication chain, comprises role's authentication;

5) authentication information needing to upgrade, nodal information are returned to database side, database side re-starts key distribution to needing the node upgraded, and form new authentication chain, all role's authentications of role R1 are upgraded, to role R1 again distributed key;

6) to the new symmetric key k ' of secure resources group SCi stochastic generation related to _f, unsymmetrical key is regenerated to leaf node, and generates encryption key parameters again;

7) if file f policy update parameter f lag=0, completed the encryption again of encrypt data by server, and flag is changed to 1; Otherwise obtain file f expressly, utilize new encryption key k ' _fgenerate new ciphertext and end of uploading onto the server, flag is set to 0.

In sum, encryption method of the present invention reduces the complexity of database side maintenance key, improves key safety; Cryptographic tasks is transferred to server to perform, reduce the expense of key updating.Meanwhile, the present invention utilizes the encryption policy of improvement to reduce the return frequency of data as far as possible, saves computing cost and communication overhead from key and data two aspects.

Obviously, it should be appreciated by those skilled in the art, above-mentioned of the present invention each module or each step can realize with general computing system, they can concentrate on single computing system, or be distributed on network that multiple computing system forms, alternatively, they can realize with the executable program code of computing system, thus, they can be stored and be performed by computing system within the storage system.Like this, the present invention is not restricted to any specific hardware and software combination.

Should be understood that, above-mentioned embodiment of the present invention only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore, any amendment made when without departing from the spirit and scope of the present invention, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.In addition, claims of the present invention be intended to contain fall into claims scope and border or this scope and border equivalents in whole change and modification.

Claims (5)

1. a content safety access method, for being encrypted file in cloud computing environment, is characterized in that, comprising:

Utilize again to encrypt and the key of database side file data is upgraded;

Access control policy is performed according to access control matrix.

2. method according to claim 1, it is characterized in that described cloud computing environment comprises database side, user side and Cloud Server, described database side comprises key tree and builds module, file permission update module, data management module, update of role module, again encryption key module;

Wherein said key tree builds module and is used for converting corresponding cipher key index tree to according to access control matrix;

Described update of role module is used for user role and upgrades, and process key upgrades and Data Update simultaneously;

Described file permission update module for authorizing or cancelling the access rights of role R to file f, and upgrades relevant authentication, key, data; The described spanned file of encrypting module again key k _fthe rk of encryption key again, and passed to the encryption again that server completes file symmetric key;

The encryption that described data management module realizes data is uploaded, and completes Data Update according to double layer encryption strategy; User side include file access modules, utilizes user role key and associated authentication information acquisition decruption key to obtain cleartext information.

3. method according to claim 2, is characterized in that, described double layer encryption strategy comprises further:

When authority removal process file authority odd-times changes, not backspace file data, only complete the renewal of key by encryption mechanism again, the outer encryption key of server by utilizing role is encrypted again to file cipher text simultaneously, and the key preserved before the user after cancelling to prevent authority utilizes obtains plaintext document; When even-times, the ciphertext that database side obtains double layer encryption is decrypted and file re-encrypted, utilizes simultaneously and has again encrypted key updating.

4. method according to claim 3, it is characterized in that, when the role of user is become the update of role of object role dr from former role sr by database side, server returns all needs according to request and upgrades the authentication of node key, and namely returning sr can the node set common factor node that can not access of the node set of visit data and dr and the set of authentication chain; The set of described authentication chain comprises following 3 kinds: containing leaf node authentication chain set LT, not containing leaf node authentication chain set NLT, role's authentication set RT; First obtaining role dr can not access node, then obtains the node set BN that set of node CN and dr that sr can access can not access, and to obtain from root node through the authentication chain of BN and CN to leaf node, is returned to database side; Database side to the node in authentication chain between CN and BN again distributed key, and forms new authentication chain from top to bottom, the renewal of the file cipher text of secure resources group that the mode batch process authentication chain of simultaneously cancelling with authority is corresponding and the file key ciphertext of correspondence.

5. method according to claim 4, is characterized in that, before files passe to server end, database side needs file data form to process, and comprises further:

1) be ID that file allocation one is unique;

2) be the encryption key dk that file Stochastic choice one is symmetrical, and symmetric cryptography is carried out to file, utilize the hash value of the root key of database side to file to sign simultaneously;

3) file binary system path in index tree is deposited as file path, authentication chain is obtained by user, mark flag is set for judging that whether file is by double layer encryption, individual layer is only had to encrypt if flag is 0 expression, if flag=1, comprise double layer encryption, and flag is reset to 0, when server for encrypting one time, flag increases 1;

Server is that each role in role set R safeguards an outer key, and is provided to the role of correspondence by escape way, and upgrades along with the outer key of change to role of authority number of undo levels;

When file f odd-times authority reclaims, the symmetric key of file f is constant, and a database side spanned file key k _fthe rk of encryption key again, and send it to server, complete k _fencryption again; Server end upgrades corresponding outer key of cancelling role, and utilizes the new outer symmetric key of corresponding role to be encrypted file cipher text; When file f even-times authority reclaims, data ciphertext returns by database side, and regenerates file cipher text after carrying out two-layer deciphering, generates new file key k ' simultaneously _fwith ancient deed key k _fthe rk of encryption key again, and send to server complete file key upgrade;

Described update of role is further comprising the steps:

1) former role and object role R1, R2 is obtained;

2) R1 is obtained at L _r1in the cipher key node set CN that holds; Obtain R2 at L _r2the node set BN of the key do not held in layer;

3) each node n in searching loop CN and BN;

4) the preorder traversal index tree that is root node with node n, obtains L successively _r1layer and L _r2layer is all will the more node set of new key and authentication chain, and role's authentication;

5) authentication information needing to upgrade, nodal information are returned to database side, database side re-starts key distribution to needing the node upgraded, and form new authentication chain, all role's authentications of role R1 are upgraded, to role R1 again distributed key;

6) to the new symmetric key k ' of secure resources group SCi stochastic generation related to _f, unsymmetrical key is regenerated to leaf node, and generates encryption key parameters again;

7) if file f policy update parameter f lag=0, completed the encryption again of encrypt data by server, and flag is changed to 1; Otherwise obtain file f expressly, utilize new encryption key k ' _fgenerate new ciphertext and end of uploading onto the server, flag is set to 0.