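School of Cyber Engineering, Xidian University, Xi'an 710071, Shaanxi, China
Jiawei ZHANG (1985- ), male, born in Taiyuan, Shanxi, is a Ph.D. candidate at Xidian University. His main research interests include network security, access control, data security, cloud computing security and blockchain.
Jianfeng MA (1963- ), male, born in Xi'an, Shaanxi, Ph.D., is a professor and doctoral supervisor at Xidian University. His main research interests include network security, system security, data security and UAV security.
Zhuo MA (1980- ), male, born in Yan'an, Shaanxi, Ph.D., is a professor and doctoral supervisor at Xidian University. His main research interests include artificial intelligence and unmanned system security, and wireless network security.
Teng LI (1991- ), male, born in Xi'an, Shaanxi, Ph.D., is a lecturer at Xidian University. His main research interests include network security, system log analysis, attack detection, data security and privacy protection.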
Online publication date: 2021-10
Print publication date: 2021-10-25
Jiawei ZHANG, Jianfeng MA, Zhuo MA, et al. Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing[J]. Journal on Communications, 2021, 42(10): 81-94. DOI: 10.11959/j.issn.1000-436x.2021206.
General ciphertext-policy attribute-based encryption (CP-ABE) provides fine-grained access control for data sharing in cloud computing, but the plaintext attributes in its access policy can leak private and sensitive data. Efficiently tracing a malicious user from a leaked decryption key and then revoking that user is also a challenging problem, and most existing revocable schemes suffer from long revocation lists and low efficiency. To solve these problems, a time-based, privacy-preserving, revocable and traceable cloud data sharing scheme based on CP-ABE was proposed. By concealing the attribute values in the access policy, the scheme supports expressive monotonic, partially hidden access policies and a large attribute universe, and it uses hierarchical identity-based encryption to set a validity period for user keys, achieving time-limited data access control. On this basis, white-box tracing and a binary tree are used to realize efficient user tracing and direct user revocation with a shorter revocation list, while online/offline and verifiable outsourced decryption techniques improve overall efficiency. Finally, the scheme was proved secure under the decisional q-BDHE assumption. Theoretical analysis and experimental results show that the scheme performs well in terms of time and storage overhead.