Data Enveloping Techniques for Data Security in Cloud
Cloud computing provides efficient, flexible and convenient services to meet growing customer demand, but the data and resources stored in the cloud are exposed to a range of security risks. Access control methods can improve the security of cloud data and resources and protect user privacy; however, traditional access control methods incur considerable security overhead and produce a large amount of redundant data. We optimize policies along the resource dimension using resource segmentation, and construct secure data envelopes suited to the cloud environment with the aid of encryption and sticky policies. At the same time, we map accessible resources to data envelopes, so that a user can issue a request to the virtual resource pool and obtain the resources that satisfy the policy. The decision method proposed in this paper differs from traditional methods, which traverse all rules to reach an explicit result: it makes on-demand decisions for user requests and improves both the security of the system and the efficiency of decision-making. Finally, we present a case study of patient privacy preservation in healthcare, and verify the efficiency of the algorithm by simulating decision-making over a large number of synthetic policies and rules.
Yu Huiqun, Pei Xin
Computing technology and computer technology; Safety science
Resource segmentation; decision-making; data envelope; sticky policy; XACML; cloud computing
Yu Huiqun, Pei Xin. Data Enveloping Techniques for Data Security in Cloud [EB/OL]. (2014-06-03) [2025-08-10]. http://www.paper.edu.cn/releasepaper/content/201406-47.