云存储环境下的密文安全共享机制

姚文斌; 韩司; 李小勇

doi:10.11959/j.issn.1000-436x.2015211

您当前的位置：

首页 >

文章列表页 >

云存储环境下的密文安全共享机制

学术论文 | 更新时间：2024-06-05

- 云存储环境下的密文安全共享机制
- Security sharing scheme for encrypted data in cloud storage
- 通信学报 2015年36卷第10期页码：1-8
- 作者机构：
  
  北京邮电大学智能通信软件与多媒体北京市重点实验室，北京 100876
- 作者简介：
  
  [ "姚文斌（1973-），男，黑龙江哈尔滨人，北京邮电大学教授、博士生导师，主要研究方向为灾备技术、信息安全、可信计算等。" ]
  [ "韩司（1988-），女，安徽砀山人，北京邮电大学博士生，主要研究方向为信息安全、系统容灾、可信计算。" ]
  [ "李小勇（1975-），男，甘肃天水人，北京邮电大学副教授，主要研究方向为分布式计算、可信计算、网络安全等。" ]
- 基金信息：
  
  国家自然科学基金资助项目(61370069);国家高技术研究发展计划（“863”计划）基金资助项目(2012AA012600)
- DOI：10.11959/j.issn.1000-436x.2015211
  中图分类号： TP393
- 网络出版日期：2015-10，
  
  纸质出版日期：2015-10-25
- 稿件说明：
移动端阅览
姚文斌, 韩司, 李小勇. 云存储环境下的密文安全共享机制[J]. 通信学报, 2015,36(10):1-8.

Wen-bin YAO, Si HAN, Xiao-yong LI. Security sharing scheme for encrypted data in cloud storage[J]. Journal on communications, 2015, 36(10): 1-8.
姚文斌, 韩司, 李小勇. 云存储环境下的密文安全共享机制[J]. 通信学报, 2015,36(10):1-8. DOI： 10.11959/j.issn.1000-436x.2015211.

Wen-bin YAO, Si HAN, Xiao-yong LI. Security sharing scheme for encrypted data in cloud storage[J]. Journal on communications, 2015, 36(10): 1-8. DOI： 10.11959/j.issn.1000-436x.2015211.

摘要

云存储环境为海量数据的存储和共享提供方便的同时也带了安全隐患。为保证数据安全，用户将自己的隐私数据加密后存储在开放的云存储环境中，如何建立云存储环境下的密文访问控制机制是亟需解决的问题。基于CP-ABE算法的密文安全共享机制主要解决云存储环境下的密文访问控制问题。共享机制使用2个半可信中心进行密钥的生成和分发，降低访问控制对第三方的依赖性。同时，在用户密钥中加入标识信息，抵抗来自非法用户的串谋攻击。此外，提出用户密钥撤销算法，增强动态安全性。安全分析和实验结果表明，安全共享机制在保障云存储环境下数据安全共享的同时，适用于实际的云存储环境。

Abstract

With the convenient of storing and sharing data in cloud storage environment

the concerns about data security arised as well.To achieve data security on untrusted servers

user usually stored the encrypted data on the cloud storage environment.How to build a cipertext-based access control scheme became a pot issue.For the access control problems of ciphertext in cloud storage environment

a CP-ABE based data sharing scheme was proposed.Novel key generation and distribution strategies were proposed to reduce the reliance on a trusted third party.Personal information was added in decryption key to resistant conclusion attacks at the same time.Moreover

key revocation scheme was proposed to provide the data backward secrecy.The security and implement analysis proves that proposed scheme is suit for the real application environment.

关键词

Keywords

references

MELL P , GRANCE T . The NIST Definition of Cloud Computing [R ] . National Institute of Standards and Technology,Tech Rep , 2009 .

GOYAL V , PANDY O , SAHAI A , et al . Attribute-based encryption for fine-grained access control of encrypted data [A ] . Proceedings of the 13th ACM Conference on Computer and Communications Security(CCS) [C ] . ACM , 2006 . 89 - 98 .

YU S , WANG C , REN K , et al . Achieving secure,scalable,and fine grained data access control in cloud computing [A ] . International Conference on Computer Communications(INFOCOM) [C ] . 2010 . 1 - 9 .

孙国梓 , 董宇 , 李云 . 基于CP-ABE算法的云存储数据访问控制 [J ] . 通信学报 , 2011 , 32 ( 7 ): 146 - 152 .

SUN G Z , DONG Y , LI Y . CP-ABE based data access control for cloud storage [J ] . Journal on Communications , 2011 , 32 ( 7 ): 146 - 152 .

ZHOU Z B , HUANG D J , WANG Z J . Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption [J ] . IEEE Transactions on Computers , 2015 , 64 ( 1 ): 126 - 138 .

DONG X , YU J , LUO Y , et al . Achieving an effective,scalable and privacy-preserving data sharing service in cloud computing [J ] . Computers ＆ Security , 2014 , 42 : 151 - 164 .

YANG K , JIA X . DAC-MACS:effective data access control for multi-authority cloud storage systems [J ] . Security for Cloud Storage Systems , 2014 : 59 - 83 .

SUBRAMANIAN J V , PANDIAN A , KUMAR M . Improving security and efficiency in attribute-based data sharing [J ] . Networking and Communication Engineering , 2012 , 4 ( 2 ): 76 - 83 .

JUNG T , LI X Y , WAN Z , et al . Privacy preserving cloud data access with multi-authorities [A ] . INFOCOM,2013 Proceedings IEEE [C ] . 2013 . 2625 - 2633 .

WAN Z , LIU J , DENG R H . HASBE:a hierarchical attribute-based solution for flexible and scalable access control in cloud computing [J ] . Information Forensics and Security,IEEE Transactions , 2012 , 7 ( 2 ): 743 - 754 .

SUBRAMANIAN J V , PANDIAN A , KUMAR M . Improving security and efficiency in attribute-based data sharing [J ] . Networking and Communication Engineering , 2012 , 4 ( 2 ): 76 - 83 .

YANG K , JIA X . DAC-MACS:effective data access control for multi-authority cloud storage systems [J ] . IEEE Transactions on Information Forensics ＆ Security , 2013 , 8 ( 11 ): 1790 - 1801 .

WAN Z , LIU J , ZHANG R , et al . A collusion-resistant conditional access system for flexible-pay-per-channel pay-TV broadcasting [J ] . Multimedia,IEEE Transactions , 2013 , 15 ( 6 ): 1353 - 1364 .

苏金树 , 曹丹 , 王小峰 , 等 . 属性基加密机制 [J ] . 软件学报 , 2011 , 22 ( 6 ): 1299 - 1315 .

SU J S , CAO D , WANG X F , et al . Auribate-based encryption schemes [J ] . Journal of Software , 2011 , 22 ( 6 ): 1299 - 1315 .

BELLARE M , DESAI A , POINTCHEVAL D . Relations among notions of security for public-key encryption schemes [J ] . Lecture Notes in Computer Science , 1998 , 1462 : 22 - 45 .

DOSHI N , JINWALA D C . Fully secure ciphertext policy attribute-based encryption with constant length ciphertext and faster decryption [J ] . Security and Communication Networks , 2014 , 7 ( 11 ): 1988 - 2002 .

浏览量

1243

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

云存储下多用户协同访问控制方案

基于属性加密的区块链数据溯源算法

支持高效密文密钥同步演化的安全数据共享方案

面向云存储的基于属性加密的多授权中心访问控制方案

权限分离的属性基加密数据共享方案