摘要
通过对外包数据库双层加密方案的分析,指出存在授权用户可以将资源访问授权给其他非授权用户的安全缺陷,为此,提出一个改进的安全外包数据访问控制方案。该方案利用二元一次函数诱导产生加密密钥。为适应访问控制策略动态变化,防止非授权用户访问资源,通过双重加密实现授权访问动态变化。分析结果表明,改进方案能够克服外包数据库双层加密方案的安全缺陷,可实现策略动态更新,是一个安全高效的访问控制方案。
Through the analysis of outsourced database two layer encryption scheme,its security flaw is pointed out,that is,authorized users can easy authorized other non-authorized user to access to resource.An improved scheme that can derive the encryption key by using linear equation in two unknowns is proposed.To adapt to access policy changes avoiding re-encryption for the data owner,this scheme exploits a two layer encryption scheme to prevent non-authorized users to access resource.Analysis shows that this scheme not only can overcome the flaws of the original program but also adapt to dynamic changes.It is a safe and efficient access control scheme.
出处
《计算机工程》
CAS
CSCD
北大核心
2011年第9期173-175,共3页
Computer Engineering
基金
国家自然科学基金资助项目(61070164)
广东省自然科学基金资助项目(8151063201000022)
广东省科技计划基金资助项目(2010B010600025)
关键词
外包数据库
访问控制
数据加密
密钥管理
隐私保护
outsourced database
access control
data encryption
key management
privacy preservation