期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于CP-ABE和SD的高效云计算访问控制方案 被引量:10

Efficient Access Control Scheme Combining CP-ABE and SD in Cloud Computing
下载PDF
导出
摘要 存储在云端服务器中的敏感数据的保密和安全访问是云计算安全研究的重要内容。提出了一种安全、高效、细粒度的云计算访问控制方案。密文的加密采用了借助线性秘密共享矩阵的CP-ABE加密算法,并将大部分密文重加密工作转移给云服务提供商执行,在保证安全性的前提下,降低了数据属主的计算代价。该方案在用户属性撤销时,引入SD广播加密技术,有效降低了撤销时的计算开销和通信开销。理论分析表明该方案具有数据机密性、抗合谋攻击性、前向安全和后向安全,最后的实验结果验证了方案具有较高的撤销效率。 The privacy and secure access of sensitive data stored in the cloud server is important content in cloud computing security research. A secure, effective, fine-grained access control scheme in cloud computing was proposed. The ciphertext encryption employs a CP-ABE with a linear secret sharing matrix, and most of the re-encryption work is transferred to the cloud service provider, so the scheme reduces the data owner's computational cost on the premise of security. When user attributes' revocation occurs, the scheme introduces SD broadcast encryption technology, effectively reducing the computing and communication overheads. The analysis shows that the scheme has the data confidentiality, collusion-resistance, backward and forward secrecy. Finally the experiment result validates the high revocation efficiency of the scheme.
作者 陈燕俐 宋玲玲 杨庚
机构地区 南京邮电大学计算机学院
出处 《计算机科学》 CSCD 北大核心 2014年第9期152-157,168,共7页 Computer Science
基金 国家"九七三"重点基础研究发展规划:物联网混杂信息融合与决策研究(2011CB302903) 国家自然科学基金项目:云计算环境下的新型访问控制理论与关键技术研究(61272084) 江苏省自然科学基金(BK2009426)资助
关键词 访问控制 云计算 子集差分 基于属性加密 撤销 Access control Cloud computing Subset difference Attribute-based encryption Revocation
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1Yu Shu-cheng, Wang Cong, Ren Kui, et al. Achiving secure, scalable, and fine-grained data access control in cloud computing [C] // INFOCOM, 2010 Proceedings IEEE. San Diego, CA, 2010: 1-9.
  • 2Do J eong-min, Song You-in,Park N. Attribute based Proxy Re- Encryption for Data Confidentiality in Cloud Computing Envi- ronments[C]//2011 First ACIS/JNU International Conference on Computers, Networks, Systems and Industrial Engineering (CNSI). IEEE, Jeju Island, 2011 : 248-251.
  • 3Wan Zhi-guo, Liu Jun' e, Deng R H. HASBE: A Hierarchical At- tribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing[J]. IEEE Transaction on Information Fo- rensics and Security, 2012,7(2) : 743-754.
  • 4Liang Xiao-hui, Lu Rong-xing, Lin Xiao-dong, et al. Ciphertext Policy Attribute Based Encryption with Efficient Revocation [R]. Technical Report, University of Waterloo, 2010.
  • 5Liang Xiao-hui, Lu Rong-xing, Lin Xiao-dong, et al. Ciphertext Policy Attribute Based Encryption with Efficient Revocation [R]. Technical Report, University of Waterloo, 2010.
  • 6Sahai A, Seyalioglu H, Waters B. Dynamic Credentials and Ci- phertext Delegation for Attribute-Based Encryption[M]///Ad- vances in Cryptology-CRYPTO 2012. Springer Berlin Heidel- berg, 2012 : 199-217.
  • 7Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]//Procee- dings of the 13th ACM conference on Computer and communica- tions security. ACM, New York, NY, USA, 2006 : 89-98.
  • 8Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute- based encryption[C]//IEEE Symposium on Security and Priva- cy, 2007(SP'07). Berkeley,CA, United states, 2007:321-334.
  • 9Hut J, Noh D K. Attribute-based access control with e{{icient revocation in data outsourcing systems[J]. IEEE Transaction on Parallel and Distributed Systems,2011,22(7) : 1214-1221.
  • 10Attrapadung N, Imai H. Conjunctive broadcast and attribute- based encryption [ M] // Pairing-Based Cryptography-Pairing 2009. Springer Berlin Heidelberg, 2009 : 248-265.

同被引文献88

  • 1陈兰香,许力.云存储服务中可证明数据持有及恢复技术研究[J].计算机研究与发展,2012,49(S1):19-25. 被引量:28
  • 2刘国萍,刘建峰,谭国权.多租户SaaS服务安全技术研究[J].电信科学,2011,27(S1):11-15. 被引量:5
  • 3牛德华,马建峰,马卓,李辰楠,王蕾.基于属性的安全增强云存储访问控制方案[J].通信学报,2013,34(S1):276-284. 被引量:12
  • 4沈海波,洪帆.基于属性的授权和访问控制研究[J].计算机应用,2007,27(1):114-117. 被引量:16
  • 5Goyal V, Pandey O, Sahai A, et al. Attrlbute-Based Encryption for Fine-Grained Access Control of En- crypted Data[C]//Proeeedings of The 13th ACM Conference on Computer and Communications Securi- ty. ACM, 2006: 89-98.
  • 6Sahai A, Seyalioglu H, Waters B. Dynamic Creden- tials and Ciphertext Delegation for Attribute-Based gncryption 2J ]. Advances in Cryptology - CRYPTO 2012, 2012: 199-217.
  • 7Agrawal S, Boyen X, Vaikuntanathan V, et al. Func- tional Encryption for Threshold Functions (Or Fuzzy Ibe) from Lattices[M3//~-s.n.3.Public Key Cryptography -PKC 2012. Berlin Heidelberg: Springer,2012 : 280-297.
  • 8Zhang J, Zhang Z, Ge A. CiphertextPolicy Attribute- Based Encryption from Lattices[C3//Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ACM, 2012: 16-17.
  • 9Gorbunov S, Vaikuntanathan V, Wee H. Attribute- Based Encryption for Circuitsl-C~//Proceedings of the 45th Annual ACM Symposium on Symposium on Theory of Computing. ACM, 2013: 545-554.
  • 10Wang Y. Lattice Ciphertext Policy Attribute-based Eneryption in the Standard Model[J3.IJ Network Se- curity, 2014, 16(4): 358-365.

引证文献10

二级引证文献25

计算机科学
2014年 第9期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部