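Abstract
Cloud storage, as an emerging network storage technology, has attracted attention and recognition from a broad user base for its advantages. However, frequently exposed security problems such as privacy leaks at major cloud drive services have seriously hindered the application and development of cloud storage services. This paper proposes a secure cloud storage system based on attribute-based encryption that supports ciphertext search. A user first applies to the trusted center for an attribute key and then outsources encrypted private data to the cloud server. An authorized user generates a keyword trapdoor from the attribute key; only when the authorized user's attributes satisfy the specified access control tree is that user allowed to search the encrypted data in the cloud with this trapdoor. To manage the authorized users in the system effectively, the new system uses re-encryption to revoke and add specific users in the system. Security analysis shows that the system effectively protects users' privacy and data security. Performance analysis shows that the system is highly efficient.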
As a new kind of network storage technology, cloud storage has attracted most people's attention. However, privacy and security issues have seriously hindered the application and development of cloud storage services. We present a secure attribute-based encryption enabled cloud storage system with ciphertext search. The basic idea is that users first outsource encrypted private data to cloud servers, then cloud services distribute an attribute key to an authorized user. The user generates a trapdoor based on his attribute keys. Only when the attributes of an authorized user satisfy the access tree integrated in the ciphertext is that user allowed to search the encrypted cloud data with the trapdoor. In order to effectively manage authorized users in the system, the idea of re-encryption is adopted to achieve the revocation and addition of authorized users. Security analysis shows that the system can effectively protect the user's privacy, and performance analysis indicates that the system has desirable performance.
Authors
刘建华
郑晓坤
郑东
敖章衡
LIU Jianhua; ZHENG Xiaokun; ZHENG Dong; AO Zhangheng (Department of Information Center, Xi'an University of Posts and Telecommunications, Xi'an, Shaanxi 710121, China; School of Computer Science and Technology, Xi'an University of Posts and Telecommunications, Xi'an, Shaanxi 710121, China; National Engineering Laboratory for Wireless Security, Xi'an University of Posts and Telecommunications, Xi'an, Shaanxi 710121, China)
Source
《信息网络安全》
CSCD
Peking University Core Journal
2019, Issue 7, pp. 50-58 (9 pages)
Netinfo Security
Funding
National Natural Science Foundation of China [61472472]
Keywords
cloud storage
privacy leakage
attribute-based encryption
re-encryption