New user revocation approach based on intermediate agency for cloud data access control (cited by: 6)
Abstract: Attribute-based encryption is an important approach to fine-grained access control for big data in the cloud, and user revocation is a crucial part of that access control. However, existing user revocation methods either only re-encrypt the symmetric key or need to re-encrypt the original data, so they suffer from poor security or low efficiency. To address this, a user revocation approach based on an intermediate agency is proposed to solve the security and efficiency problems that user revocation brings in a fine-grained access control environment. The main idea is to have the intermediate agency assist in processing the original ciphertext, after which the user completes the decryption of the transformed ciphertext. Because the user cannot decrypt the ciphertext alone, the shared data does not need to be re-encrypted, which preserves data security after user revocation and also solves the efficiency problem. Theoretical analysis and experimental results show that, compared with existing methods, the proposed approach achieves secure and efficient user revocation in a fine-grained access control environment.
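Source: Journal on Communications (《通信学报》), indexed in EI, CSCD and the Peking University Core Journals list, 2015, Issue 11, pp. 92-101 (10 pages)
Funding: National Natural Science Foundation of China (61170251); National Natural Science Foundation of China-Guangdong Joint Fund (U1401251); National High Technology Research and Development Program of China ("863" Program) (2012AA013102); Key Project of the Ministry of Education (209156)
Keywords: data confidentiality; fine-grained access; user revocation; intermediate agency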