Revocable and Traceable Data Sharing and Encryption Methods in Cloud Computing Environments
Ming Fang, Xin Li, Yuanliang Zhang, Handong Lu

ABSTRACT
Cloud computing faces critical security challenges in permission management and leak traceability. This paper proposes a revocable and traceable data sharing scheme addressing limitations in revocation timeliness, tracking accuracy, and multi‐authority collaboration. Our framework involves four components: attribute authorities for key management, public clouds for secure storage and re‐encryption, data owners using binary decision tree policies for pre‐encryption, and data users requiring policy compliance for decryption. Technically, we combine bilinear mapping with attribute‐based encryption for fine‐grained access control, optimizing performance via strategic key segmentation. Security mechanisms include key integrity verification, precise traitor tracking, and dynamic key updates with real‐time ciphertext re‐encryption for immediate revocation. Evaluation on a manufacturing data platform demonstrates practical effectiveness, handling 1 GB design documents with re‐encryption times of 3.5–4.3 s post‐permission changes. The solution maintains strong privacy, keeping information entropy below 0.20, achieving an optimal security‐tracking‐performance balance.