NC-MACPABE: Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems 被引量：9

NC-MACPABE: Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems

下载PDF

导出

摘要 The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time. The cloud storage service cannot be completely trusted because of the separation of data management and ownership, leading to the difficulty of data privacy protection. In order to protect the privacy of data on untrusted servers of cloud storage, a novel multi-authority access control scheme without a trustworthy central authority has been proposed based on CP-ABE for cloud storage systems, called non-centered multi-authority proxy re-encryption based on the cipher-text policy attribute-based encryption(NC-MACPABE). NC-MACPABE optimizes the weighted access structure(WAS) allowing different levels of operation on the same file in cloud storage system. The concept of identity dyeing is introduced to improve the users' information privacy further. The re-encryption algorithm is improved in the scheme so that the data owner can revoke user's access right in a more flexible way. The scheme is proved to be secure. And the experimental results also show that removing the central authority can resolve the existing performance bottleneck in the multi-authority architecture with a central authority, which significantly improves user experience when a large number of users apply for accesses to the cloud storage system at the same time.

作者 XU Xiao-long ZHANG Qi-tong ZHOU Jing-lan 徐小龙;张栖桐;周静岚

机构地区 College of Computer State Key Laboratory for Novel Software Technology (Nanjing University)

出处《Journal of Central South University》 SCIE EI CAS CSCD 2017年第4期807-818,共12页 中南大学学报（英文版）

基金 Projects(61472192,61202004)supported by the National Natural Science Foundation of China Project(14KJB520014)supported by the Natural Science Fund of Higher Education of Jiangsu Province,China

关键词 cloud storage data PRIVACY PROXY re-encryption multi-authority cloud storage data privacy proxy re-encryption multi-authority

分类号 TP309.7 [自动化与计算机技术—计算机系统结构] TP333 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献3

1XUE Weit,SHU JiWu,LIU fang,& XUE Mao.Corslet: A shared storage system keeping your data private[J].Science China(Information Sciences),2011,54(6):1119-1128. 被引量：5
2徐小龙,涂群,BESSIS Nik,杨庚,王新珩.SATVPC:Secure-agent-based trustworthy virtual private cloud model in open computing environments[J].Journal of Central South University,2014,21(8):3186-3196. 被引量：2
3黄汝维,桂小林,余思,庄威.云环境中支持隐私保护的可计算加密方法[J].计算机学报,2011,34(12):2391-2402. 被引量：61

二级参考文献49

1Sandberg R, Goldberg D, Kleiman S, et al. Design and implementation of the SUN network filesystem. In: Proceedings of the Summer USENIX Conference, Portland, USA, 1985. 119-130.
2Callaghan B, Pawlowski B, Staubach P. NFS version protocol specification. RFC 1813, 1995.
3Braam P J. The Lustre storage architecture, http://www.lustre,org/documentation.html.
4Braam P J. The Lustre storage architecture. Cluster File Systems, Inc., Aug. 2004. http://www.lustre.org/documentation.html.
5Amazon.com. Amazon simple storage service (Amazon S3). http://aws.amazon.com/s3.
6Weil S A, Brandt S A, Miller E L, et al. Ceph: A scalable, high-performance distributed file system. In: Proceedings of OSDI, Seattle, USA, 2006. 22.
7Hasan R, Myagmar S, Lee A J, et al. Toward a threat model for storage systems. In: Proceedings of StorageSS, Fairfax, USA, 2005. 94-102.
8Data Breach Investigation Report, Verizon, 2010. http://www.verizonbusiness.com/resources/reports/rp-2010-data-breach-report-en-xg, pdf.
9Kallahalla M, Riedel E, Swaininathan R, et al. Plutus-scalable secure file sharing on untrusted storage. In: Proceedings of the 2nd USENIX File and Storage Technologies, San Francisco, USA, 2003.
10Riedel E, Kallahalla M, Swaminathan R. A framework for evaluating storage system security. In: Proceedings of FAST, Monterey, USA, 2002. 15-30.

共引文献65

1张俊.云计算技术在计算机网络安全中的应用[J].电子技术（上海）,2021(1):120-121. 被引量：9
2陈伟,Wally Smieliauskas.云计算环境下的联网审计实现方法探析[J].审计研究,2012(3):37-44. 被引量：101
3DONG Wei,CHEN LiQian.Recent advances on trusted computing in China[J].Chinese Science Bulletin,2012,57(35):4529-4532. 被引量：4
4马欣.基于云计算的气象数据信息安全技术研究[J].微型机与应用,2012,31(23):64-66. 被引量：4
5王有刚,徐勇,王泽成,周善英.云环境数据发布服务中隐私保护相关技术研究[J].现代情报,2012,32(12):3-7. 被引量：2
6杨刚,陈越,李超零,谭鹏许.基于AES和模运算的密文索引方案[J].计算机应用研究,2013,30(1):278-281. 被引量：1
7傅颖勋,罗圣美,舒继武.安全云存储系统与关键技术综述[J].计算机研究与发展,2013,50(1):136-145. 被引量：176
8张海玉.云平台下数字图书馆的安全策略研究[J].图书馆学研究,2013(3):42-46. 被引量：9
9于延,王建华,孙惠杰.基于云计算的数据查找与加密方案研究[J].计算机工程与应用,2013,49(4):18-22. 被引量：6
10曾博文.网络云数据滤波融合存储访问机制研究与仿真[J].科技通报,2013,29(4):133-135.

同被引文献30

1李伯虎,张霖,王时龙,陶飞,曹军威,姜晓丹,宋晓,柴旭东.云制造——面向服务的网络化制造新模式[J].计算机集成制造系统,2010,16(1):1-7. 被引量：869
2陶飞,张霖,郭华,罗永亮,任磊.云制造特征及云服务组合关键问题研究[J].计算机集成制造系统,2011,17(3):477-486. 被引量：212
3FANG LiMing,WANG JianDong,GE ChunPeng,REN YongJun.Fuzzy conditional proxy re-encryption[J].Science China(Information Sciences),2013,56(5):206-218. 被引量：2
4蓝才会,王彩芬.一个新的基于秘密共享的条件代理重加密方案[J].计算机学报,2013,36(4):895-902. 被引量：11
5王于丁,杨家海,徐聪,凌晓,杨洋.云计算访问控制技术研究综述[J].软件学报,2015,26(5):1129-1150. 被引量：194
6熊厚仁,陈性元,张斌,杜学绘.基于双层角色和组织的可扩展访问控制模型[J].电子与信息学报,2015,37(7):1612-1619. 被引量：10
7Jianjiang Li,Jie Wu,Zhanning Ma.Frequency and Similarity-Aware Partitioning for Cloud Storage Based on Space-Time Utility Maximization Model[J].Tsinghua Science and Technology,2015,20(3):233-245. 被引量：4
8陈达伦,陈荣国,谢炯.基于MPP架构的并行空间数据库原型系统的设计与实现[J].地球信息科学学报,2016,18(2):151-159. 被引量：21
9田野,袁博,李廷力.物联网海量异构数据存储与共享策略研究[J].电子学报,2016,44(2):247-257. 被引量：44
10雷蕾,蔡权伟,荆继武,林璟锵,王展,陈波.支持策略隐藏的加密云存储访问控制机制[J].软件学报,2016,27(6):1432-1450. 被引量：23

引证文献9

1钱政,夏红霞.基于有限域代数签名分治表的大数据云存储远程审计[J].计算机工程与科学,2018,40(11):1907-1914. 被引量：3
2HOU Jing-wei,SUN Shi-qin,LIU Ren-tao,LI Jian-hua,ZHANG Ming-xin.Design and achievement of cloud geodatabase for a sponge city[J].Journal of Central South University,2018,25(10):2423-2437. 被引量：2
3朱雯曦,黄煜栋,黄长城.考虑擦除编码可靠视频流三步式内凸逼近优化[J].计算机应用与软件,2019,36(7):169-176.
4任晓莉,杨建卫,李乃乾.云计算中基于动态虚拟化电子流密码的安全存储[J].计算机科学与探索,2019,13(8):1331-1340. 被引量：13
5章园园,秦岭.面向物联网搜索技术的高效访问控制方案[J].计算机科学,2019,46(8):194-200. 被引量：3
6李龙,古天龙,常亮,李晶晶,钱俊彦.云制造中策略可更新的去中心化访问控制机制[J].计算机集成制造系统,2019,25(9):2280-2290. 被引量：3
7许小媛,李海波,黄黎.云存储多异构文件联合延迟尾概率凸优化分析[J].计算机工程与应用,2021,57(5):88-94. 被引量：2
8洪文圳,李冬睿,沈阳.基于双哈希模糊布隆滤波器云存储数据融合[J].计算机工程与设计,2021,42(8):2152-2158. 被引量：2
9陈曦,李勇,李如先.一种支持细粒度授权的数据安全共享方案[J].信息安全研究,2023,9(7):667-674. 被引量：1

二级引证文献29

1王习涛.基于任务角色的云计算快速访问控制方法研究[J].计算机产品与流通,2020,0(7):124-124. 被引量：1
2任元芬,黄永泉,付丽菊.针刺治疗小儿腹泻118例疗效观察[J].针灸临床杂志,2000,16(2):27-28. 被引量：1
3孙诗琴,侯景伟.中国低影响开发文献定量分析[J].人民珠江,2020,41(6):121-128. 被引量：2
4张萍.基于双向寻优粒子群的网络涉密信息安全存取[J].实验技术与管理,2020,37(10):56-60. 被引量：5
5牛鹏伟.云计算数据中心虚拟化电子流加密方法研究[J].信息与电脑,2020,32(22):30-31. 被引量：1
6庄银霞.基于网格技术的分布式大数据混合云存储方法[J].廊坊师范学院学报（自然科学版）,2021,21(1):12-16. 被引量：3
7杨强.田湾核电站基于Elasticsearch的创新型数据应用研究与实践[J].电力大数据,2021,24(2):41-46.
8杨海亮.基于安全散列算法的电子数据存证方法设计[J].电子设计工程,2021,29(13):104-108.
9杨强,胡心宇.田湾核电站设备管理智能化应用的研究与实践[J].电工技术,2021(12):41-43. 被引量：1
10潘燕华,王克,王平.云计算环境下复杂产品价值链合作伙伴选择研究[J].计算机集成制造系统,2021,27(12):3651-3658. 被引量：3

1腾讯云数据存储全覆盖[J].网络安全和信息化,2017,0(9):21-21.
2Veritas实现存储智能化[J].网络安全和信息化,2017,0(10):23-23.
3CHEN HEYING.Decoding the Climate Change Cipher[J].China Today,2017,66(11):60-61.
4Rui ZHANG,Hui MA,Yao LU,Yang LI.Provably secure cloud storage for mobile networks with less computation and smaller overhead[J].Science China(Information Sciences),2017,60(12):175-187. 被引量：3
5数据管理软件套件将测量数据转化为可执行的技术洞察[J].今日电子,2017,0(12):72-72.
6Hori Wired Mini Gamepad便携式手柄[J].汽车与社会,2017,0(34):79-79.
7Mohammad Reza Jannati Oskuee,Masoumeh Karimi,Yahya Naderi,Sajad Najafi Ravadanegh,Seyyed Hossein Hosseini.A new multilevel voltage source inverter configuration with minimum number of circuit elements[J].Journal of Central South University,2017,24(4):912-920.
8Global Glance[J].China Rare Earth Information,2017,23(6):6-8.
9ZHANG Shuanhong,ZHAO Yue,LIU Yongsheng.Formation of the Giant Bayan Obo Deposit by ca. 1.3 Ga Carbonatitic Magmatism and its Link with Continental Rifting in the Columbia Supercontinent[J].Acta Geologica Sinica(English Edition),2016,90(S1):195-196. 被引量：1
10Zhang Baoning,Ge Wei,Wang Zhen.A distributed cross-domain register filefor reconfigurable cryptographic processor[J].Journal of Southeast University(English Edition),2017,33(3):260-265. 被引量：1

Journal of Central South University

2017年第4期

浏览历史

内容加载中请稍等...