
Proxy re-encryption based multi-factor access control scheme in cloud (cited by: 4)
Abstract: Cloud services are one of the important application forms of the space-ground integration information network, and users can obtain information and services quickly and conveniently through the cloud. The confidentiality and integrity of cloud data bear directly on the data security of the space-ground integration information network, so cloud data mostly circulates in ciphertext form. Research on cloud access control therefore has to operate on ciphertext data while also meeting the need to describe multiple factors in complex environments. Against this background, and building on proxy re-encryption, a proxy re-encryption based multi-factor access control (PRE-MFAC) scheme for the cloud is proposed. First, the design goals and assumptions are stated. Second, the concrete scheme is constructed, describing the PRE-MFAC system model and its algorithms. Finally, the security and properties of PRE-MFAC are analyzed and compared. By combining proxy re-encryption with multi-factor access control, PRE-MFAC realizes multi-factor authorization management of ciphertext data in the cloud. At the same time, it makes full use of the cloud server's computing and storage capacity, reducing the encryption and decryption workload and the key-management difficulty for individual users.
Source: Journal on Communications (通信学报; indexed in EI, CSCD, PKU Core), 2018, No. 2, pp. 96-104 (9 pages)
Funding: National Key R&D Program of China (No. 2016YFB0800303); National Natural Science Foundation of China (No. 61702266, No. 61572255); Natural Science Foundation of Jiangsu Province (No. BK20150787, No. BK20141404); Beijing Natural Science Foundation (No. 4152048)
Keywords: proxy re-encryption, multi-factor, access control, cloud computing, space-ground integration information network