Abstract: Inpublic cloud storage system protecting the data and controlling the data accessis a challenging issue. Cipher text Policy Attribute-Based Encryption (CP-ABE)has been adopted as a promising technique to provide flexible, fine-grained andsecure data access control for cloud storage with honest-but-curious cloudservers. However numerous works have been proposed using CP-ABE scheme, inwhich the single attribute authority must execute the time-consuming userlegitimacy verification and secret key distribution and hence it results in asingle-point performance bottleneck when a CP-ABE scheme is adopted in alarge-scale cloud storage system. Clients may be stuck in the waiting line fora long stretch to get their mystery keys, which results in low-efficiency ofthe framework. Even though the multi authority access control plans have beenproposed, these plans still cannot conquer the disadvantages of single-pointbottleneck and low efficiency; because of the way that each of the authoritystill autonomously deals with a disjoint characteristic set. In this work, ithas been proposed a novel heterogeneous framework to remove the problem ofsingle point performance bottleneck and provide a more efficient access controlscheme with an auditing mechanism. This framework employs multiple attributeauthorities to share the load of user legitimacy verification. Meanwhile, inthis scheme, a CA (Central Authority) is introduced to generate secret keys forlegitimacy verified users and each of the authorities in our scheme manages thewhole attribute set individually. This system makes performance improvement inkey generation and also guarantees security requirement
Keywords: Cloud storage, Access control, Auditing, CPABE.