面向移动云的属性基密文访问控制优化方法

刘建; 鲜明; 王会梅; 荣宏

doi:10.11959/j.issn.1000-436x.2018112

您当前的位置：

首页 >

文章列表页 >

面向移动云的属性基密文访问控制优化方法

学术论文 | 更新时间：2024-06-05

- 面向移动云的属性基密文访问控制优化方法
- Optimization method for attribute-based cryptographic access control in mobile cloud computing
- 通信学报 2018年39卷第7期页码：39-49
- 作者机构：
  
  国防科技大学电子科学学院，湖南长沙 410073
- 作者简介：
  
  [ "刘建（1986-），男，山东泰安人，博士，国防科技大学讲师，主要研究方向为通信网信息安全、云计算与大数据安全、隐私保护等。" ]
  [ "鲜明（1970-），男，四川南充人，博士，国防科技大学研究员，主要研究方向为网络安全评估、云计算系统安全与数据安全、数据挖掘及隐私保护技术等。" ]
  [ "王会梅（1981-），女，河北行唐人，博士，国防科技大学讲师，主要研究方向为网络安全评估、云计算与大数据安全等。" ]
  [ "荣宏（1988-），男，山西大同人，国防科技大学博士生，主要研究方向为数据挖掘及隐私保护技术。" ]
- 基金信息：
- DOI：10.11959/j.issn.1000-436x.2018112
  中图分类号： TP309.2
- 网络出版日期：2018-07，
  
  纸质出版日期：2018-07-25
- 稿件说明：
移动端阅览
刘建, 鲜明, 王会梅, 等. 面向移动云的属性基密文访问控制优化方法[J]. 通信学报, 2018,39(7):39-49.

Jian LIU, Ming XIAN, Huimei WANG, et al. Optimization method for attribute-based cryptographic access control in mobile cloud computing[J]. Journal on communications, 2018, 39(7): 39-49.
刘建, 鲜明, 王会梅, 等. 面向移动云的属性基密文访问控制优化方法[J]. 通信学报, 2018,39(7):39-49. DOI： 10.11959/j.issn.1000-436x.2018112.

Jian LIU, Ming XIAN, Huimei WANG, et al. Optimization method for attribute-based cryptographic access control in mobile cloud computing[J]. Journal on communications, 2018, 39(7): 39-49. DOI： 10.11959/j.issn.1000-436x.2018112.

摘要

针对移动云数据安全共享与访问控制问题，综合考虑当前密文访问控制机制的不足以及移动终端资源受限、网络带宽较低等特点，提出了一种面向移动云的属性基密文访问控制优化方法。通过引入属性基加密运算分割和双重加密机制，并结合多秘密共享技术进行改进，实现了移动用户数据发布和权限管理开销的大幅优化。理论和实验分析表明，所提方案在安全性、计算和网络开销等方面均能够满足移动云中的访问控制需求，具有良好的应用前景。

Abstract

For the problem of secure data sharing and access control in mobile cloud

the drawback of traditional cryptographic access control schemes was deeply analyzed.Considering the truth that mobile devices were usually equipped with limited resources

an optimized attribute-based cryptographic access control scheme was proposed in this study.In the proposed scheme

a third party proxy was introduced into the system model

and the two-layer encryption method was applied.Combining traditional attribute-based encryption (ABE) algorithm with multi-secret sharing and split measurement of ABE encryption

the scheme could greatly reduce the cost of mobile users in terms of data publish and access management.Theoretical and experimental analysis shows that the contribution can well meet the requirements of mobile cloud in terms of security

computational complexity and communication cost

which means that it is promising for future applications.

关键词

Keywords

references

李瑞轩 , 董新华 , 辜希武 , 等 . 移动云服务的数据安全与隐私保护综述 [J ] . 通信学报 , 2013 , 34 ( 12 ): 158 - 166 .

LI R X , DONG X H , GU X W , et al . Overview of the data security and privacy-preserving of mobile cloud services [J ] . Journal on Communications , 2013 , 34 ( 12 ): 158 - 166 .

苏铓 , 史振国 , 谢绒娜 , 等 . 面向移动云计算的多要素代理重加密方案 [J ] . 通信学报 , 2015 , 36 ( 11 ): 73 - 79 .

SU M , SHI Z G , XIE R N , et al . Multi-element based on proxy re-encryption scheme for mobile cloud computing [J ] . Journal on Communications , 2015 , 36 ( 11 ): 73 - 79 .

崔勇 , 宋健 , 缪葱葱 , 等 . 移动云计算研究进展与趋势 [J ] . 计算机学报 , 2017 , 40 ( 2 ): 273 - 295 .

CUI Y , SONG J , MIAO C C , et al . Mobile cloud computing research progress and trends [J ] . Chinese Journal of Computers , 2017 , 40 ( 2 ): 273 - 295 .

王于丁 , 杨家海 , 徐聪 , 等 . 云计算访问控制技术研究综述 [J ] . 软件学报 , 2015 , 26 ( 5 ): 1129 - 1150 .

WANG Y D , YANG J H , XU C , et al . Survey on access control technologies for cloud computing [J ] . Journal of Software , 2015 , 26 ( 5 ): 1129 - 1150 .

DONG C , RUSSELLO G , DULAY N . Shared and searchable encrypted data for untrusted servers [J ] . Journal of Computer Security , 2011 , 19 ( 3 ): 367 - 397 .

SAHAI A , WATERS B . Fuzzy identity-based encryption [M ] . Advances in Cryptology–EUROCRYPT , 2005 : 457 - 473 .

GOYAL V , PANDEY O , SAHAI A , et al . Attribute-based encryption for fine-grained access control of encrypted data [C ] // The 13th ACM Conference on Computer and Communications Security . 2006 : 89 - 98 .

BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption [C ] // IEEE Symposium on Security and Privacy . 2007 : 321 - 334 .

WATERS B . Ciphertext-policy attribute-based encryption:an expressive,efficient,and provably secure realization [M ] . Public Key Cryptography–PKC , 2011 : 53 - 70 .

ZHOU L , VARADHARAJAN V , HITCHENS M . Achieving secure role-based access control on encrypted data in cloud storage [J ] . IEEE Transactions on Information Forensics and Security , 2013 , 8 ( 12 ): 1947 - 1960 .

ROUSELAKIS Y , WATERS B . Practical constructions and new proof methods for large universe attribute-based encryption [C ] // ACM Sigsac Conference on Computer ＆ Communications Security . 2013 : 463 - 474 .

LIANG X , CAO Z , LIN H , et al . Attribute based proxy re-encryption with delegating capabilities [C ] // The 4th International Symposium on Information,Computer,and Communications Security . 2009 : 276 - 286 .

YU S , WANG C , REN K , et al . Achieving secure,scalable,and fine-grained data access control in cloud computing [C ] // The 29th Conference on Information Communications . 2010 : 534 - 542 .

YANG K , JIA X , REN K . Secure and verifiable policy update outsourcing for big data access control in the cloud [J ] . IEEE Transactions on Parallel and Distributed Systems , 2015 , 26 ( 12 ): 3461 - 3470 .

CHENG Y , WANG Z Y , MA J , et al . Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage [J ] . Frontiers of Information Technology ＆ Electronic Engineering , 2013 , 14 ( 2 ): 85 - 97 .

YANG K , JIA X , REN K , et al . DAC-MACS:effective data access control for multi-authority cloud storage systems [J ] . IEEE Transactions on Information Forensics and Security , 2013 , 8 ( 11 ): 1790 - 1801 .

HAN J , SUSILO W , MU Y , et al . Improving privacy and security in decentralized ciphertext-policy attribute-based encryption [J ] . IEEE Transactions on Information Forensics and Security , 2015 , 10 ( 3 ): 665 - 678 .

HOHENBERGER S , WATERS B . Online/offline attribute-based encryption [M ] . Public-Key Cryptography , 2014 : 293 - 310 .

GREEN M , HOHENBERGER S , WATERS B . Outsourcing the decryption of ABE ciphertexts [C ] // The 20th USENIX Conference on Security . 2011 :34.

LIN S , ZHANG R , MA H , et al . Revisiting attribute-based encryption with verifiable outsourced decryption [J ] . IEEE Transactions on Information Forensics and Security , 2015 , 10 ( 10 ): 2119 - 2130 .

SABRINA D C , SARA F , SUSHIL J , et al . Over-encryption:management of access control evolution on outsourced data [C ] // The 33rd International Conference on Very Large Data Bases . 2007 : 123 - 134 .

洪澄 , 张敏 , 冯登国 . 面向云存储的高效动态密文访问控制方法 [J ] . 通信学报 , 2011 , 32 ( 7 ): 125 - 132 .

HONG C , ZHANG M , FENG D G . Achieving efficient dynamic cryptographic access control in cloud storage [J ] . Journal on Communications , 2011 , 32 ( 7 ): 125 - 132 .

BEIMEL A . Secure schemes for secret sharing and key distribution [M ] . Technion-Israel Institute of Technology,Faculty of Computer Science , 1996 .

BEIMEL A . Secret-sharing schemes:a survey [M ] . Coding and cryptology , 2011 : 11 - 46 .

YU S , WANG C , REN K , et al . Attribute based data sharing with attribute revocation [C ] // The 5th ACM Symposium on Information,Computer and Communications Security . 2010 : 261 - 270 .

AKINYELE J A , GARMAN C , MIERS I , et al . Charm:a framework for rapidly prototyping cryptosystems [J ] . Journal of Cryptographic Engineering , 2013 , 3 ( 2 ): 111 - 128 .

浏览量

1012

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向云存储且支持重加密的多关键词属性基可搜索加密方案

支持直接撤销的密文策略属性基加密方案

数据外包环境下一种支持撤销的属性基加密方案

权限分离的属性基加密数据共享方案

基于区块链的噪声化数据分享控制协议