An Access Control Model Against Attribute Guessing Attacks for Data Sharing in Cloud Computing Environment

Data sharing is a fundamental component that facilitates collaboration and interoperability among entities in cloud computing environments. It enables cross-domain access, concurrent task execution, and parallel multi-task processing. However, challenges such as privacy breaches, vulnerabilities of sensitive data, and inflexible access control mechanisms are prevalent in data access scenarios. Many existing attribute-based searchable encryption (ABSE) schemes suffer from issues like keyword leakage, limited query methods, and susceptibility to attribute guessing attacks. To address these challenges, this paper proposes an attribute-based access control scheme designed to mitigate keyword-guessing attacks in cloud environments. The proposed scheme has several advantages: (1) Enhanced Privacy Protection: By employing attribute-based encryption (ABE), the scheme ensures user personal information and ciphertext attribute values remain protected during authentication through hidden attribute authentication techniques. (2) Resistance to Keyword-Guessing Attacks: The scheme utilizes an anti-guessing attribute encryption algorithm, ensuring that attribute keywords and access policies remain secure against guessing attacks during transmission. (3) A flexible ciphertext attribute search and matching algorithm enhances access control security and supports fine-grained access control. This approach achieves precise, adaptable, and stealthy access control while strengthening privacy protection. It also accommodates diverse search requirements and ensures robust fine-grained access control. Security analysis confirms its strong security. Performance analysis shows that it outperforms existing schemes.