| Abstract: | Threshold proxy re-encryption( PRE) authorizes the data access right of data subject to multiple proxies, who authorize the right again to delegatee to accomplish the end-to-end data encryption process from storage to authorization. Based on threshold PRE algorithm, in order to build a complete trusted data storage and authorization system, the four protocols, which are data access protocol, authorization proxy protocol, authorization proxy cancellation protocol and data reading authorization protocol, are defined completely. On that basis, an efficient data searching method is constructed by specifying the data delegatee. At last, to ensure the right to know of data, the audit log is processed with trusted data right confirmation based on distributed ledger technology. Meanwhile, a parallel data right confirmation processing method is defined based on hierarchical derivation algorithm of public and private key. In the end, the performance evaluation analysis of the protocol are given. Trusted data access and authorization protocol is convenient to build a complete data processing system on the premise of protecting data privacy based on public cloud storage system or distributed storage system. |
