Controlling data access in public cloud storage systems is a difficult topic. The Cipher text-Policy Attribute-Based Encryption has emerged as a promising approach for cloud storage data access control that is flexible, fine-grained, and safe. When using a Cipher Text-Policy Attribute-Based Encryption approach in a large-scale cloud storage system, the single attribute authority must handle the time-consuming user legitimacy verification and secret key distribution, creating a single-point performance bottleneck. Users may be kept in the waiting queue for an extended period of time in order to obtain their secret keys, resulting in low system efficiency. To disperse the load of user validity verification, our architecture employs a number of attribute authorities. Meanwhile, in our strategy, a CA (Central Authority) is created to create secret keys for valid users.  To strengthen security, we additionally provide an auditing tool for discovering which AA (Attribute Authority) performed the validity verification operation incorrectly or maliciously. According to our findings, our approach not only meets security criteria but also greatly improves key generation performance.

Z. Fu, K. Ren, J. Shu, X. Sun, and F. Huang, “Enabling personalized search over encrypted outsourced data with efficiency improvement,” IEEE Transactions on Parallel& Distributed Systems, vol. 27, no. 9, pp. 2546–2559, 2016.

P. Mell and T. Grance, “The NIST definition of cloud computing,” National Institute of Standards and Technology Gaithersburg, 2011

K. Xue and P. Hong, “A dynamic secure group sharing framework in public cloud computing,” IEEE Transactions on Cloud Computing, vol. 2, no. 4, pp. 459–470, 2014.

Y. Wu, Z. Wei, and H. Deng, “Attribute-based access to scalable media in cloud-assisted content sharing,” IEEETransactions on Multimedia, vol. 15, no. 4, pp. 778–788, 2013.

J. Hur, “Improving security and efficiency in attributebased data sharing,” IEEE Transactions on Knowledgeand Data Engineering, vol. 25, no. 10, pp. 2271–2282, 2013.

J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE Transactions on Parallel and Distributed Systems,vol. 22, no. 7, pp. 1214–1221, 2011.

J. Hong, K. Xue, W. Li, and Y. Xue, “TAFC: Time and attribute factors combined access control on timesensitive data in public cloud,” in Proceedings of 2015IEEE Global Communications Conference (GLOBECOM2015). IEEE, 2015, pp. 1–6.

Y. Xue, J. Hong, W. Li, K. Xue, and P. Hong, “LABAC:A location-aware attribute-based access control scheme for cloud storage,” in Proceedings of 2016 IEEE Global Communications Conference (GLOBECOM 2016). IEEE, 2016, pp. 1–6.

A. Lewko and B. Waters, “Decentralizing attribute-based encryption,” in Advances in Cryptology–EUROCRYPT2011. Springer, 2011, pp. 568–588.

J. Chen and H. Ma, “Efficient decentralized attribute based access control for cloud storage with user revocation,” in Proceedings of 2014 IEEE International Conference on Communications (ICC 2014) IEEE, 2014, pp. 3782–3787