Location and Time Based Access Security Control Scheme for Mobile Cloud Computing

With mobile cloud data storage, mobile users can offload personal and business data to the cloud for flexibility and save money. However, data outsourcing involves high levels of confidentiality and data protection risks. To address the aforementioned mobile cloud data storage problem, Attribute-Based Encryption (ABE) is proposed due to the flexibility of the encryption strategy and fine-grained access control. However, existing attribute-based multi-authority encryption schemes still require a trusted central authority to issue system parameters and generate secret user keys. In this article, we propose a multi-authority attribute-based access control system that ensures user anonymity, protects user identities from malicious permissions, and supports permission coexistence. Our system uses some location range restrictions with ABE as access policies, and subsequently grants authorization to users whose current location and time align with these policies. To verify security and assess the validity of our proposition, we employ the Scyther tool for verification and conduct experiments to validate its correctness.