Abstract
: Data access control is an effective way to ensure the data security in the cloud. Due to data outsourcing and untrusted cloud servers, the data access control becomes a challenging issue in cloud storage systems. Cipher text-Policy Attribute based Encryption (CPABE) is regarded as one of the most suitable technologies for data access control in cloud storage, because it gives data owners more direct control on access policies. However, it is difficult to directly apply existing CP-ABE schemes to data access control for cloud storage systems because of the attribute revocation problem. In this paper, an expressive, efficient and revocable data access control scheme for multiauthority cloud storage systems, where there are multiple authorities co-exist and each authority is able to issue attributes independently. Precisely, a revocable multi-authority CP-ABE scheme, and apply it as the underlying techniques to design the data access control scheme. A attribute revocation method can efficiently achieve both forward security and backward security.