摘要:In this paper, we analyze Liu et al.’s scheme and show that their scheme is not secure. Then we modify their scheme and present an efficient access scheme to outsourced data. Our scheme adopts two-layer encryption model and all users are divided into different groups according to their access privilege. We employ filter functions to construct the key derivation procedure to prevent the revoked users from getting encryption key. Our scheme can realize dynamic access control without shipping outsourced data back to the data owner when group membership is changed. Moreover, our scheme can grant and revoke the users without updating any secret key of other users. Our scheme avoids publishing many public tokens for deriving the encryption key. The analysis of security and performance shows that our scheme is secure and efficient.
