摘要
为了解决开放云计算环境下用户属性变化导致的用户权限撤销及变更问题,提出一种基于代理重加密和密钥分割技术的属性基代理重加密方案,该方案支持用户权限的即时撤销,当发生用户撤销时,只需要更新云存储服务器中的密文组件以及代理服务器中未撤销用户的属性无关私钥组件.当发生用户属性撤销时,只需更新用户属性撤销列表,解密时根据用户属性撤销列表控制撤销属性用户的访问,可减少密文更新和用户私钥更新的计算量,提高系统撤销用户权限的执行效率,保护用户属性的隐私信息.
In order to solve the problem of user authorization revocation caused by user attributes change in open cloud computing environment,an attribute-based proxy re-encryption scheme based on proxy reencryption and key segmentation is proposed. Instant revocation of user authorization is supported in the scheme. When user revocation occurs,it is only necessary to update the ciphertext component in the cloud storage server and unrevoked users' attribute independence private key component in the proxy server. When the user attribute revocation occurs,it is necessary to update the user attribute revocation list from which the user authorization can be limited. Then the workload of updating ciphertext and the user private key is lessen to improve the execution efficiency of re-encryption and access control scheme,at the same time,the privacy information of user attributes are protected.
作者
陈红松
沈强磊
CHEN Hong-song;SHEN Qiang-lei(School of Computer and Communication Engineering,University of Science and Technology Beijing,Beijing 100083,China;Beijing Key Laboratory of Knowledge Engineering for Materials Science,Beijing 100083,China)
出处
《北京邮电大学学报》
EI
CAS
CSCD
北大核心
2018年第3期113-118,共6页
Journal of Beijing University of Posts and Telecommunications
基金
中央高校基本科研业务费专项项目(FRF-GF-17-B27)
关键词
属性基加密
用户-属性撤销
访问控制
代理重加密
attribute-based encryption
user-attribute revocation
access control
proxy re-encryption
