The cloud storage is the best option to outsource big data, as the cloud has the capability of storing a huge volume of data. However, cloud storage brings new concerns for privacy, fine-grained access control and data duplication, which are crucial for big data storage in the cloud. Existing solutions of data duplication over encrypted data schemes do not provide fine-grained access control. Recently, Cui et al. proposed the data duplication over encrypted data along with attribute based access control in 2017. However, this scheme suffers from the following issues: 1) it does not verify the data ownership which is essentially required for data protection when multiple users outsource the same data 2) it does not provide the data ownership management, which creates a chance to upload the false data by the ownership revoked owner 3) it suffers from communication and computation overhead during deduplication and encryption process. To improve the Cui et al. scheme, in this paper, we propose an enhanced attribute based access control with secure deduplication for big data storage in cloud (EABAC-SD). Our EABAC-SD scheme achieves dynamic ownership management using the group key. Our scheme allows only authorized data owners to upload the data which enhances the security. Further, our EABAC-SD scheme cuts down the communication and computation overhead of the encryption and deduplication process. In addition, security analysis proves that our scheme protects the data privacy and consistency. Further, our scheme proves that ineligible data owners and ownership withdrawn data owners are not able to upload the data. Performance analysis shows that our EABAC-SD scheme is more efficient than Cui et al. scheme.

云存储是外包大数据的最佳选择，因为云具有存储大量数据的能力。但是，云存储带来了对隐私，细粒度访问控制和数据复制的新关注，这对于云中的大数据存储至关重要。现有的通过加密数据方案进行数据复制的解决方案无法提供细粒度的访问控制。最近，崔等人。在2017年提出了基于加密数据的数据复制以及基于属性的访问控制。但是，此方案存在以下问题：1）当多个用户外包同一数据时，它不验证数据保护所必需的数据所有权2 ）它不提供数据所有权管理，这会导致被所有权撤销的所有者上载虚假数据的机会3）在重复数据删除和加密过程中，它遭受了通信和计算开销的困扰。为了提高崔等。方案中，我们针对云中的大数据存储提出了一种具有安全重复数据删除功能的基于属性的增强访问控制（EABAC-SD）。我们的EABAC-SD方案使用组密钥实现动态所有权管理。我们的方案仅允许授权的数据所有者上载数据，从而提高了安全性。此外，我们的EABAC-SD方案减少了加密和重复数据删除过程的通信和计算开销。此外，安全性分析证明我们的方案可以保护数据隐私和一致性。进一步，我们的方案证明，不合格的数据所有者和所有权撤回的数据所有者无法上传数据。性能分析表明，我们的EABAC-SD方案比Cui等人更有效。方案。