Privacy Protection Based Access Control Scheme in Cloud-Based Services 被引量：3

Privacy Protection Based Access Control Scheme in Cloud-Based Services

下载PDF

导出

摘要 With the rapid development of computer technology, cloud-based services have become a hot topic. They not only provide users with convenience, but also bring many security issues, such as data sharing and privacy issue. In this paper, we present an access control system with privilege separation based on privacy protection(PS-ACS). In the PS-ACS scheme, we divide users into private domain(PRD) and public domain(PUD) logically. In PRD, to achieve read access permission and write access permission, we adopt the Key-Aggregate Encryption(KAE) and the Improved Attribute-based Signature(IABS) respectively. In PUD, we construct a new multi-authority ciphertext policy attribute-based encryption(CP-ABE) scheme with efficient decryption to avoid the issues of single point of failure and complicated key distribution, and design an efficient attribute revocation method for it. The analysis and simulation result show that our scheme is feasible and superior to protect users' privacy in cloud-based services. With the rapid development of computer technology, cloud-based services have become a hot topic. They not only provide users with convenience, but also bring many security issues, such as data sharing and privacy issue. In this paper, we present an access control system with privilege separation based on privacy protection（PS-ACS）. In the PS-ACS scheme, we divide users into private domain（PRD） and public domain（PUD） logically. In PRD, to achieve read access permission and write access permission, we adopt the Key-Aggregate Encryption（KAE） and the Improved Attribute-based Signature（IABS） respectively. In PUD, we construct a new multi-authority ciphertext policy attribute-based encryption（CP-ABE） scheme with efficient decryption to avoid the issues of single point of failure and complicated key distribution, and design an efficient attribute revocation method for it. The analysis and simulation result show that our scheme is feasible and superior to protect users＇ privacy in cloud-based services.

作者 Kai Fan Qiong Tian Junxiong Wang Hui Li Yintang Yang

机构地区 State Key Laboratory of Integrated Service Networks Key Lab.of the Minist.of Educ.for Wide Band-Gap Semiconductor Materials and Devices

出处《China Communications》 SCIE CSCD 2017年第1期61-71,共11页 中国通信（英文版）

基金 financially supported by the National Natural Science Foundation of China(No.61303216,No.61272457,No.U1401251,and No.61373172) the National High Technology Research and Development Program of China(863 Program)(No.2012AA013102) National 111 Program of China B16037 and B08038

关键词 access control data sharing privacy protection cloud-based services access control data sharing privacy protection cloud-based services

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献1

1陈丹伟,邵菊,樊晓唯,陈林铃,何利文.基于MAH-ABE的云计算隐私保护访问控制[J].电子学报,2014,42(4):821-827. 被引量：16

二级参考文献11

1Sabai A, Waters B. Fuzzy identity-based encryption [ A]. Pro- ceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques [ C ]. Berlin Heidelberg: Springer,2005.457 - 473.
2Goyal Pandey O, Sabai A, et al. Attribute based encryption for" fine-grained access control of encrypted data [ A]. Proceedings of ACM Conference on Computer and Communications Securi- ty [ C] .Alexandria, Virginia, USA: ACM,2006.89 - 98.
3Bethencourt J, Sahai A, Waters B. Ciphertext-policy aUribute- based encryption [ A]. IEEE Symposium on Security and Priva- cy( SP' 07) [ C ]. Berkeley, California, USA: IEEE, 2007.321 - 334.
4Melissa Chase. Multi-authorityattribute based encryption [ A ]. Proceedings of the 4th Theory of Cryptography Conference L C]. Berlin Heidelberg: Springer, 2007.515 - 534.
5Wang G, Liu Q, Wu J. Hierarchical attribute-based encryption for fine-grained access control in cloud storage services E A]. Proceedings of ACM CCS Computer and Communications Se- curity [C].New York,USA:ACM,2010.735- 737.
6Bobba R, Khurana H, Prabhakaran M. Attribute-sets: A practi- cally motivated enhancement to auribute-based encryption [ A ]. Proceedings of ESORICS [ C ]. Berlin Heidelberg: Springer, 2009.587 - 604.
7Li Ming, Yu Shu-cheng,Zlaeng Yao. Scalable andsecure shar- ing of personal health records in cloud computing using at- tribute-based encryption [ J ]. IEEE. Transactions on Parallel and Distributed System,2012,24( 1 ) : 131 - 143.
8冯登国,张敏,张妍,徐震.云计算安全研究[J].软件学报,2011,22(1):71-83. 被引量：1072
9孙国梓,董宇,李云.基于CP-ABE算法的云存储数据访问控制[J].通信学报,2011,32(7):146-152. 被引量：64
10孙昌霞,马文平,陈和风.可证明安全的无中心授权的多授权属性签名[J].电子科技大学学报,2012,41(4):552-556. 被引量：4

共引文献15

1冯朝胜,秦志光,袁丁,卿昱.云计算环境下访问控制关键技术[J].电子学报,2015,43(2):312-319. 被引量：53
2王树兰,喻建平,张鹏,王廷.云计算中一种紧凑型的外包访问控制方案[J].信号处理,2015,31(10):1224-1232. 被引量：3
3张秀玉.异构服务聚合的协同访问控制算法研究[J].四川大学学报（自然科学版）,2015,52(6):1277-1284. 被引量：2
4李作辉,杨梦梦,陈性元.自适应安全与属性可重复的多授权机构ABE方案[J].计算机工程,2015,41(12):21-25. 被引量：2
5付楠,余荣威,王丽娜,刘维杰,鞠瑞,宋衍.虚拟化架构下管理域安全增强方法[J].武汉大学学报（理学版）,2016,62(3):218-224.
6李作辉,陈性元.多授权机构属性基加密方案研究与应用[J].计算机工程与设计,2016,37(8):1981-1985.
7杜瑞祥,鲜明,谷俊,陈恬.公有云安全风险分析及应对技术[J].网络空间安全,2016,7(7):67-72. 被引量：2
8严新成,陈越,翟雨畅,兰巨龙,黄恺翔.一种高效的CP-ABE云数据访问控制方案[J].小型微型计算机系统,2016,37(10):2155-2161. 被引量：2
9朱顺痣,黄亮,周长利,马樱.一种基于兴趣点分布的匿名框KNN查询方法[J].电子学报,2016,44(10):2423-2431. 被引量：3
10Bilin Shao,Genqing Bian,Xirui Quan,Zhixian Wang.Research of Privacy Preservation Method Based on Data Coloring[J].China Communications,2016,13(10):181-197. 被引量：1

同被引文献5

1吕志泉,洪澄,张敏,冯登国,陈开渠.面向社交网络的隐私保护方案[J].通信学报,2014,35(8):23-32. 被引量：14
2陈燕俐,宋玲玲,杨庚.基于CP-ABE和SD的高效云计算访问控制方案[J].计算机科学,2014,41(9):152-157. 被引量：10
3ZHOU Shungan,DU Ruiying,CHEN Jing,SHEN Jian,DENG Hua,ZHANG Huanguo.FACOR：Flexible Access Control with Outsourceable Revocation in Mobile Clouds[J].China Communications,2016,13(4):136-150. 被引量：2
4Juan Wang,Yuan Shi,Guojun Peng,Huanguo Zhang,Bo Zhao,Fei Yan,Fajiang Yu,Liqiang Zhang.Survey on Key Technology Development and Application in Trusted Computing[J].China Communications,2016,13(11):70-90. 被引量：7
5Zhaofeng Ma.Digital Rights Management：Model,Technology and Application[J].China Communications,2017,14(6):156-167. 被引量：7

引证文献3

1刘胜杰,王静.云环境下SNS隐私保护方案[J].计算机科学,2019,46(2):133-138. 被引量：1
2Juan Wang,Shirong Hao,Yi Li,Zhi Hong,Fei Yan,Bo Zhao,Jing Ma,Huanguo Zhang.TVIDS: Trusted Virtual IDS With SGX[J].China Communications,2019,16(10):133-150.
3Liqiang Wu,Xiaoyuan Yang,Minqing Zhang,Longfei Liu.New Identity Based Proxy Re-Encryption Scheme from Lattices[J].China Communications,2019,16(10):174-190. 被引量：2

二级引证文献3

1邓安远,史姣丽,黄定,何凯.支持关键词隐私保护的密文共享系统[J].软件导刊,2020,19(10):228-232. 被引量：1
2Chao Wang,Yiliang Han,Xiaowei Duan,KaiYang Guo.Hierarchical Identity-Based Conditional Proxy Re-encryption Scheme Based RLWE and NTRU Variant[J].国际计算机前沿大会会议论文集,2021(2):240-259.
3李静元.基于时释性的代理重加密多用户数据共享[J].现代电子技术,2022,45(21):77-82.

1HAO Jianguo DAI Yiqi.Achieving Controllable Privacy Protection in Position Service for VANETs[J].Chinese Journal of Electronics,2011,20(3):395-400. 被引量：4
2Yan Gao Li Fu Zhenwei Zhang Shengmei Luo Ping Lu.A Case for Cloud-Based Mobile Search[J].ZTE Communications,2011,9(1):33-36.
3云端运算服务为批发电信市场带来荣景[J].中国电子商情（通信市场）,2010(5):18-18.
4Zhaoji Lin Ping Lu Shengmei Luo Feng Gao Jianyong Chen.An On-Demand Security Mechanism for Cloud-Based Telecommunications Services[J].ZTE Communications,2011,9(1):37-40. 被引量：3
5云端运算服务为批发电信市场带来繁荣[J].通讯世界,2010(10):12-12.
6BI Yuanguo,Xuemin (Sherman) SHEN,ZHAO Hai.Explicit Rate Based Transmission Control Scheme in Vehicle-to-lnfrastructure Communication Networks[J].China Communications,2014,11(1):46-59. 被引量：2
7高枫,何泾沙,吕欣,张峰.Privacy Protection through Appropriate Interaction Patterns[J].China Communications,2011,8(4):141-152.
8A.Y.Al-nahari,S.A.El-Dolil,M.I.Dessouky,F.E.Abd El-Samie.Reservation-based dynamic admission control scheme for wideband code division multiple access systems[J].Journal of Central South University,2012,19(2):393-401.
9赵宜升,纪红,陈忠辉.Admission Control Scheme for Handover Service in High-Speed Train Communication System[J].Journal of Shanghai Jiaotong university(Science),2015,20(6):670-675. 被引量：1
10罗铭,邹春华,胡军,闻英友.Concurrent Signcryption Using Bilinear Pairings for E-commerce[J].China Communications,2011,8(2):1-11.

China Communications

2017年第1期

浏览历史

内容加载中请稍等...