摘要
提出一种时间约束条件下的分层访问控制方案.根据用户对感知节点资源的访问控制需求,充分考虑感知节点计算、存储能力受限且节点数海量的特点,从用户掌握密钥数、密钥获取时间和产生公共信息数3方面进行优化设计,以实现高效、安全的分层访问控制.与现有其他方案对比,该方案的优势在于:1)用户对大量感知节点资源进行的一次访问,仅需要掌握单个密钥材料;2)通过优化设计,使用户访问节点资源密钥的获取时间与产生的公共信息数达到最佳平衡;3)提出的方案是可证明安全的.
In order to realize an effective access control of sensitive data captured by sensor nodes,researchers have made great achievements on secure and efficient hierarchical access control to satisfy the features of widespread distribution,large universe,limited computation and storage capacity of sensor nodes in ubiquitous sensing network.However,time is the main factor that makes the requirements of hierarchical access control scheme in ubiquitous sensing network different from that in traditional Internet networks,leading to the limited actual application scenario.According to the users'requirement on the nodes for gathering resources,an efficient and secure time-bound hierarchical access control scheme is presented in this paper.Based on the characteristics of perception node in ubiquitous sensing network,including the limited power and computation capability,as well as the storage resource,the scheme optimizes the key storage of user,key derivation time,and public information.The advantages of our scheme include that 1)only one key material is required in each users'access;2)the balance can be achieved between the time for key acquisition and the amount of public information and 3)the scheme is provably secure without random oracle model.Theoretical analysis indicates that our proposed schedule adapts to user'access control requirement of ubiquitous sensing network.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2017年第2期328-337,共10页
Journal of Computer Research and Development
基金
长江学者和创新团队发展计划基金项目(IRT1078)
中央高校基本科研业务费专项资金项目(JY10000903001)
国家自然科学基金项目(61602515)
河南省科技攻关项目(2016170162)
信息保障重点实验室开放课题(KJ-15-103)~~
关键词
时间约束
树重心
分层访问控制
泛在感知
密钥获取
time-bound
centroid of tree
hierarchical access control
ubiquitous sensing
key derivation
