期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

具有访问权限撤销的外包数据加密方案 被引量:10

Outsourced data encryption scheme with access privilege revocation
下载PDF
导出
摘要 对Zhou等提出的方案(ZHOU M,MU Y,SUSILO W,et al.Privacy enhanced data outsourcing in the cloud.Journal of network and computer applications,2012,35(4):1367-1373)进行分析,指出了该方案无法实现对用户访问权限进行撤销的问题。针对该方案的不足,提出一种具有撤销用户访问权限的外包数据加密方案。首先,把数据分成多个数据块并分别对每个数据块加密;其次,通过密钥导出的方法减少数据拥有者管理和保存密钥的数量;最后,对同一个加密数据构造多个解密密钥,实现对某些用户的访问权限撤销,而未被撤销用户无需进行密钥更新。与Zhou等的方案相比,所提方案不仅保持该方案中的外包数据隐私保护优点,而且还实现了用户访问权限的撤销。分析结果表明,在离散对数困难问题(DLP)假设下,所提方案是安全的。 The scheme proposed by Zhou et al.( ZHOU M, MU Y, SUSILO W, et al. Privacy enhanced data outsourcing in the cloud. Journal of network and computer applications, 2012, 35( 4) : 1367- 1373) was analyzed, and the shortcoming of no access privilege revocation was shown. To address the shortcoming, an outsourced data encryption scheme with revoking access privilege was proposed. Firstly, the data were divided into several data blocks, and each data block was encrypted separately. Secondly, with the key derivation method, the number of keys stored and managed by the data owner was reduced. Finally, multiple decryption keys were constructed on an encrypted data to revoke access privileges of some users, without affecting the legitimate users. Compared with Zhou's scheme, the proposed scheme not only maintains the advantage of privacy protection to the outsourced data in the scheme, but also realizes access privilege revocation for users.The analysis results show that the proposed scheme is secure under the assumption of the Discrete Logarithm Problem( DLP).
作者 李程文 王晓明
机构地区 暨南大学信息科学技术学院
出处 《计算机应用》 CSCD 北大核心 2016年第1期216-221,共6页 journal of Computer Applications
基金 国家自然科学基金资助项目(61070164 61272415) 广东省自然基金资助项目(S2012010008767) 广东省科技计划项目(2013B010401015 2012B091000136)~~
关键词 外包数据 用户撤销 数据加密 密钥管理 多解密密钥 outsourced data user revocation data encryption key management multiple decryption key
分类号 TP309.7 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献15

  • 1ARMBRUST M, FOX A, GRIFFITH R, et al. A view of cloud computing [J]. Communications of the ACM, 2010, 53(4): 50-58.
  • 2GHEMAWAT S, GOBIOFF H, LEUNG S-T. The Google file system [C]// Proceeding of the 19th ACM Symposium on Operating Systems Principles. New York: ACM, 2003: 29-43.
  • 3MODI C, PATEL D, BORISANIYA B, et al. A survey on security issues and solutions at different layers of cloud computing [J]. The journal of supercomputing, 2013, 63(2): 561-592.
  • 4杨健,汪海航,王剑,俞定国.云计算安全问题研究综述[J].小型微型计算机系统,2012,33(3):472-479. 被引量:92
  • 5BHADAURIA R, CHAKI R, CHAKI N, et al. Security issues in cloud computing [J]. Acta technica corviniensis-bulletin of engineering, 2014, 7(4): 159.
  • 6WANG W, LI Z, OWENS R, et al. Secure and efficient access to outsourced data [C]// Proceedings of the 2009 ACM Workshop on Cloud Computing Security. New York: ACM, 2009: 55-66.
  • 7AGRAWAL R, KIERNAN J, BLUNDO C, et al. Efficient key management for enforcing access control in outsourced scenarios [C]// Proceedings of the IFIP International Conference on Information Security. Berlin: Springer, 2009: 364-375.
  • 8ATALLAH M J, BLANTON M, FAZIO N, et al. Dynamic and efficient key management for access hierarchies [J]. ACM transactions on information and system security, 2009, 12(18): 1-43.
  • 9WALLNER D, HARDER E, AGEE R, et al. Key management for multicast: issues and architectures, RFC 2627 [S]. [S.l.]: IETF, 1999.
  • 10ZHOU M, MU Y, SUSILO W, et al. Privacy enhanced data outsourcing in the cloud [J]. Journal of network and computer applications, 2012, 35(4): 1367-1373.

二级参考文献24

  • 1罗武庭.DJ—2可变矩形电子束曝光机的DMA驱动程序[J].LSI制造与测试,1989,10(4):20-26. 被引量:373
  • 2Brodkin. Gartner: seven cloud-computing security risks[DB/OL]. http://www.networkworld.comlnews/2008/070208-cloud. html, 2008-07-02.
  • 3Cao Tian-jie , Zhang Yong-ping, Wang Chu-jiao. Security protocol [ M]. Beijing: Beijing University of Posts and Telecommunications Press, 2009.
  • 4Aaram Yun, Shi Chun-hui, Yongdae Kim. On protecting integrity and confidentiality of cryptographic file system for outsourced storage [ C]. In CCSW'09: Proceedings of the 2009 ACM Workshop on Cloud Computing Security, Chicago, Illinois, USA, 2009: 67- 75.
  • 5Carter J L, Wegman M N. Universal classes of hash functions (extended abstract) [ A]. STOC '77: Proceedings of the Ninth Annual ACM Symposium on Theory of Computing, New York, NY, USA [C]. ACMPress, 1977:106-112.
  • 6Wang Cong , Wang Qian , Ren Kui, et al. Ensuring data storage security in cloud computing [ C]. In IWQoS' 09: Proceedings of 17th International Workshop on Quality of Service, Charleston, SC, USA, 2009:1-9.
  • 7Adi Shamir. Identity-based cryptosystems and signature schemes [ C]. In Proceedings of CRYPTO'84 on Advances in Cryptology, Santa Barbara, California, USA, 1985 :47-53.
  • 8Horwitz J, Lynn B. Toward hierarchical identity-based encryption [C]. In Proceedings of EUROCRYPT 2002, LNCS, Springer, Heidelberg ,2002 ,2332 :466481.
  • 9Li H, Dai Y, Tian L,et al. Identity-based authentication for cloud computing[ C]. In CloudCom'09: Proceedings of the 1 st International Conference on Cloud Computing, Beijing, China, 2009: 157-166.
  • 10Yu S, Wang C, Ren K, et al. Achieving secure, scalable, and fine-grained data access control in cloud computing [ C]. In Proceedings of IEEE INFOCOM, 2010:534-542.

共引文献91

同被引文献63

引证文献10

二级引证文献30

计算机应用
2016年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部