摘要
针对当前电子文件传播过程中无法控制他人使用时间的弊端,提出一种基于生命周期控制的电子文件安全删除方案:首先使用对称密钥加密原始文件获得密文文件,对称密钥与生命周期信息组合生成文件头并使用公钥加密获得文件头密文,文件头密文与密文文件封装成电子文件安全删除对象(Electronic File Assured Deletion Object,FAO)后可通过存储到云服务器、社交网络或直接发送给授权用户等多种方式对其进行安全共享.授权用户在非生命周期内无法访问FAO,并且当文件过期后,系统调用数据擦除程序对FAO进行永久删除,从而达到控制文件生命周期及安全删除的效果.实验分析表明该方案能有效删除过期的FAO,具有较低的开销,并能够控制电子文件生命周期,有效保障电子文件的隐私安全.
In order to control an electronic file's life time and delete safely when it's expired, a assured deletion scheme for electronic files based on life cycle control was proposed in this paper. In this security scheme, the file was first encrypted symmetrically by a symmetric key to obtain primitive ciphertext, then the symmetric key was encapsulated into a file header with the life time informa- tion, and this file header was encrypted by a public key to obtain the final file header. At last, the ciphertext and the final file header were encapsulated into the electronic file assured deletion object ( FAO} so that the file owner can share it through the cloud server, social network or directly send to authorized users. The authorized users can only access the FAO during the life time. After this life period, the system will permanently delete the FAO. The experiments show that this scheme can effectively remove the expired FAO, and has low performance overhead. Not only that it can control the electronic file's life time, but it can effectively ensure the privacy of electronic file.
出处
《小型微型计算机系统》
CSCD
北大核心
2016年第5期1091-1096,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61370078
61402109)资助
福建省自然科学基金项目(2015J05120)资助
福建省教育厅科研项目(JB14034
JA14091)资助
福建省高校杰出青年科研人才计划
关键词
安全删除
生命周期
隐私保护
数据加密
安全共享
safe deletion
life time
privacy protection
data encryption
security sharing
