期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

云存储环境下支持策略变更的CP-ABE方案 被引量:2

CP-ABE Scheme with Supporting Policy Elastic Updating in Cloud Storage Environment
下载PDF
导出
摘要 近年来,CP-ABE作为适用于云存储环境的访问控制机制,成为研究热点。由于现有的基于CP-ABE的访问控制方案在云存储环境下不支持系统属性灵活变更,利用云存储服务提供者的存储及计算资源优势,基于AB-ACER方案提出了支持系统属性灵活撤销及恢复的云存储访问控制方案。该方案通过引入虚拟属性来支持云存储环境下访问策略属性的撤销及恢复,且仅由存储服务提供者进行少量的重加密计算。安全及性能分析表明,该方案不仅支持数据属主访问策略的灵活变更,还保持了原有方案的安全性及细粒度访问控制,同时大大降低了数据属主的计算开销。 In recent years,CP-ABE has been researched extensively as an access control mechanism in cloud storage environment.Because existing access control schemes based on CP-ABE can not support the elastic update with the system properties in cloud storage environment,this paper used the cloud storage service provider's(CSP's)storage and computing resources advantages,and proposed a cloud storage access control scheme which supports the system attributes revocation or recovery based on the attribute-based access control with efficient revocation(AB-ACER)scheme.The scheme introduces virtual attributes for the access control tree,and when system attributes have been revoked or recovered,CSP only provides small re-encryption computation.Security analysis and performance analysis show that the proposed scheme not only supports a changeable access control policy for data owner(DO),but also ensures the confidentiality of data and the fine-grained access control,and reduces a large number of encryption calculation works for DO.
作者 熊安萍 许春香 冯浩
机构地区 电子科技大学计算机科学与工程学院 重庆邮电大学计算机科学与技术学院
出处 《计算机科学》 CSCD 北大核心 2016年第1期191-194,共4页 Computer Science
基金 国家自然科学基金项目(61350203) 重庆市教委科学技术研究项目(KJ1400414)资助
关键词 云存储 CP-ABE 系统属性变更 虚拟属性 访问控制 Cloud storage CP-ABE System attribute update Virtual attribute Access control
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1Amazon. com. Amazon s3 Availability Event: July 20, 2008 [OL]. http://status, aws. amazon, corn/s3-20080520, html.
  • 2Arrington M. Gmail Disaster: Reports of Mass Email Deletions [R/OL]. http://www, techcrunch, com/2006/12/28/gmail-disa- ster-repor t s-of-massemail-deletions.
  • 3Krigsman M. Apple's MobileMe Experiences Post Launch Pain [OL]. http://blogs, zdnet, com/projectfailures/?p= 908.
  • 4Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data [C]//CCS. ACM, 2006 : 89-98.
  • 5苏金树,曹丹,王小峰,孙一品,胡乔林.属性基加密机制[J].软件学报,2011,22(6):1299-1315. 被引量:98
  • 6Hur J, Noh D K. Attribute-based access control with efficient revocation in data outsourcing systems[J]. IEEE Transactions on Parallel and Distributed Systems,2011,22(7):1214- 1221.
  • 7Dara K. Microsoft's 2012 11 SkyDrive accidently freezes out Opera users[EB/OL]. [2014-04-20]. http://www, cnet. corn/ news/microsoft s-skydrive-accident ly- freezes-out-opera users.
  • 8Sahai A,Waters B. Fuzzy Identity-Based Encryption[M]//Ad- vances in Cryptology EUROCRYPT 2005. Springer Berlin Hei- delberg, 2005 .. 457-473.
  • 9Xiong An-ping, Xu Chun xiang. Energy Efficient Multiresource Allocation of Virtual Machine Based on PSO in Cloud Data Cen- ter[J]. Mathematical Problems in Engineering, 2014, 18 ( 5 ) : 816- 830.
  • 10Bethencourt J, Sahai A, Waters B. Ciphertext-Policy Attribute Based Encryption[C]//IEEE Symposium on Security and Priva cy,2007(SP'07). IEEE,2007 : 321-334.

二级参考文献67

  • 1Fiat A, Naor M. Broadcast encryption. In: Stinson DR, ed. Advances in Cryptology-CRYPTO'93. Berlin, Heidelberg: Springer- Verlag, 1994. 480-491.
  • 2Naor D, Naor M, Lotspiech J. Revocation and tracing schemes for stateless receivers. In: Kilian J, ed. Advances in Cryptology- CRYPTO 2001. Berlin, Heidelberg: Springer-Verlag, 2001.41-62.
  • 3Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup V, ed. Advances in Crytology-CRYPTO 2005. Berlin, Heidelberg: Springer-Verlag, 2005. 258-275. [doi: 10.1007/11535218_16].
  • 4Shamir A. Identity-Based cryptosystems and signature schemes. In: Blakley GR, Chaum D, eds. Advances in Cryptology- CRYPTO'84. Berlin, Heidelberg: Springer-Verlag, 1984.47-53.
  • 5Boneh D, Franklin M. Identity-Based encryption from the weil pairing. In: Kilian J, ed. Advances in Cryptology-CRYPTO 2001. LNCS 2139, Berlin, Heidelberg: Springer-Verlag, 2001. 213-229. [doi: 10.1007/3-540-44647-8_13].
  • 6Sahai A, Waters B. Fuzzy identity-based encryption. In: Cramer R, ed. Advances in Cryptology-EUROCRYPT 2005. Berlin, Heidelberg: Springer-Verlag, 2005. 457-473.
  • 7Goyal V, Pandey O, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In: Proc. of the 13th ACM Conf. on Computer and Communications Security. New York: ACM Press, 2006. 89-98. [doi: 10.1145/1180405. 1180418].
  • 8Yu SC, Ren K, Lou WJ. Attribute-Based content distribution with hidden policy. In: Proc. of the 4th Workshop on Secure Network Protocols (NPSec). Orlando: IEEE Computer Society, 2008.39-44. [doi: 10.1109/NPSEC.2008.4664879].
  • 9Traynor P, Butler K, Enck W, Mcdaniel P. Realizing massive-scale conditional access systems through attribute-based cryptosystems. In: Proc. of the 15th Annual Network and Distributed System Security Symp. (NDSS 2008). San Diego: USENIX Association, 2008.1-13.
  • 10Cheung L, Newport C. Provably secure ciphertext policy ABE. In: Proc. of the ACM Conf. on Computer and Communications Security. New York: ACM Press, 2007.456-465. [doi: 10.1145/1315245.1315302].

共引文献119

同被引文献17

引证文献2

二级引证文献2

计算机科学
2016年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部