期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于属性群的云存储密文访问控制方案 被引量:9

Cryptographic Access Control Scheme in Cloud Storage Based on Attribute Group
在线阅读 下载PDF
导出
摘要 提出一种基于属性群的云存储密文访问控制方案。采用对称加密算法加密大型数据文件,并用属性加密算法加密对称密钥,将重加密的任务转移到云服务提供商,从而降低数据拥有者的计算代价,且未向云服务提供商泄露额外信息。在属性和用户权限撤销时,以同一属性集下的不同用户为单位,数据拥有者不参与属性和用户权限的撤销,从而减轻数据拥有者的权限管理代价。分析结果表明,该方案在权限撤销时的效率优于已有的密文访问控制方案,支持细粒度的灵活访问控制策略,具有数据机密性、抗合谋攻击性、前向保密性和后向保密性。 This paper proposes a cryptographic access control scheme based on attribute group in cloud storage.The symmetric cryptosystem is used to encrypt the original data by the Data Owner(DO),and the attribute-based encryption algorithm is used to encrypt the symmetric key.DO delegate the task of data re-encryption to the Cloud Service Provider(CSP),which not only reduces the computational cost of DO,but also does not reveal extra information of the plaintext to CSP.The proposed scheme supports the unit of a collection of multiple users when any attribute or user is revoked.The fine-grained and flexible access control can be achieved by hybrid cryptosystem meachanism.Compared with the existing access control schemes,the proposed scheme is more efficient in revocation cost and can alleviate the administering burders on DO.The scheme guarantees collusion resistance against colluding users,data confidentiality,forward and backward secrecy.
作者 杨小东 王彩芬
机构地区 西北师范大学数学与信息科学学院
出处 《计算机工程》 CAS CSCD 2012年第11期20-22,26,共4页 Computer Engineering
基金 国家自然科学基金资助项目(61163038) 西北师范大学青年教师科研能力提升计划基金资助项目(NWNU-LKQN-10-22)
关键词 密文访问控制 云存储 属性群 用户权限撤销 重加密 cryptographic access control cloud storage attribute group user revocation re-encryption
分类号 TP309.7 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献2

二级参考文献24

  • 1Dignan L. Cloud computing hasn't gone fortune 500 yet, but it's coming[EB/OL]. [2011-04]. http://blogs.zdnet.com/ BTL/?p=8199.
  • 2Shamir A. Identity-based cryptosystems and signature schemes[C]//LNCS 196: Proceedings of the Advances in Cryptology (CRYPTO), 1985. Berlin, Heidelberg: Springer- Verlag, 1985: 47-53.
  • 3Boneh D, Franklin M. Identity-based encryption from the Weil pairing[C]//Proceedings of the Advances in Cryptology (CRYPTO), 2001. Berlin, Heidelberg: Springer- Veflag, 2001: 213-229.
  • 4Sahai A, Waters B. Fuzzy identity based encryption[C]// Proceedings of the Advances in Cryptology (EUROCRYPT), Aarhus, Denmark, 2005. Berlin, Heidelberg: Springer- Verlag, 2005: 457--473.
  • 5Goyal V, Pandey O, Sahai A, et al. Attribute based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06). New York, NY, USA: ACM, 2006: 89-98.
  • 6Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption[C]//Proceedings of the 2007 IEEE Symposium on Security and Privacy, Oakland, California, USA, 2007. Washington, DC, USA: IEEE Computer Society, 2007: 321-334.
  • 7Liang Xiaohui, Cao Zhenfu, Lin Huang, et al. Attribute based proxy re-encryption with delegating capabilities[C]//Proceedings of the 4th International Symposium on Information, Computer and Communications Security (ASIACCS 2009). New York, NY, USA: ACM, 2009: 276-286.
  • 8Hong Cheng, Zhang Min, Feng Dengguo. AB-ACCS: a cryptographic access control scheme for cloud storage[J]. Journal of Computer Research and Development, 2010, 47(Suppl): 259-265.
  • 9Pirretti M, Traynor P, McDaniel P, et al. Secure atrribute-based systems[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS '06). New York, NY, USA" ACM, 2006: 99-112.
  • 10Yu Shucheng, Wang Cong, Ren Kui, et al. Attribute based data sharing with attribute revocation[C]//Proceedings of the 5th International Symposium on Information, Computer and Communications Security (ASIACCS 2010). New York, NY, USA: ACM, 2010: 261-270.

共引文献98

同被引文献55

  • 1Sandhu R,Coyne E J,Feinstein H L. Role-based access con- trol models[ J ]. IEEE computer, 1996,29 (2) :38-47.
  • 2Sahai A, Waters B. Fuzzy identity - based encryption [ C ]// Proc of EUROCRYPT. [ s. 1. ] : [ s. n. ,2005:457-473.
  • 3Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data[ C ]//Pro- ceedings of the ACM conference on computer and communica- tions security. [ s. 1. ] : [ s. n. ] ,2006:89-98.
  • 4Bethencourt J,Sahai A,Waters B. Ciphertext-policy attribute -based encryption [ C ]//Proceedings of IEEE symposium on security and privacy. [ s. 1. ] : [ s. n. ] ,2007:321-334.
  • 5Boneh D, Boyen X, Goh E J. Hierarchical identity based en- cryption with constant size ciphertext [ C ]//Proc of EURO- CRYPT 2005. [ s. 1. ] : [ s. n. ] ,2005:440-456.
  • 6Ge A, Zhang R, Chen C. Threshold ciphertext policy attribute- based encryption with constant size ciphertexts [ C ]//Proc of ACISP. [ s. 1. ]:[ s. n. ] ,2012:336-349.
  • 7Wan Z, Liu J, Deng R H. HASBE: a hierarchical attribute- based solution for flexible and scalable access control in cloud computing[J]. IEEE transactions on information forensics and security ,2012,7 (2) :743-754.
  • 8Vaquero L M,Rodero-Merino L,Caceres J,et al.A Break in the Clouds:Towards a Cloud Definition[J].ACM SIGCOMM Computer Communication Review,2008,39(1):50-55.
  • 9Costanzo A,Assuncao M D,Buyya R.Harnessing Cloud Technologies for a Virtualized Distributed Computing Infrastructure[J].Internet Computing,2009,13(5):24-33.
  • 10Kim Y J,Thottan M,Kolesnikov V,et al.A Secure Decentralized Data-centric Information Infrastructure for Smart Grid[J].Communications Magazine,2010,48(11):58-65.

引证文献9

二级引证文献44

计算机工程
2012年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部