Abstract
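To address the problems that existing research has paid little attention to cloud-storage data sharing with classified user permissions, and that existing schemes suffer from complex algorithms, high communication overhead and many security vulnerabilities, a decentralized secure data sharing scheme with user-defined read and write permissions is proposed. The scheme combines ciphertext-policy attribute-based encryption with short group signatures, so that the data owner defines the attribute conditions for read-only users and for modifying users, binds those conditions to the ciphertext and hosts it on the cloud server, allowing users who satisfy the conditions to decrypt the data themselves. Experimental results show that the proposed cloud data sharing scheme guarantees the confidentiality of data reads and writes, has a simple algorithm, low computation and communication cost, few parameters and short signatures, and remedies the security vulnerabilities of comparable schemes.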
In order to solve the problems of complex algorithms, huge communication overheads, and security loopholes in CP-ABE-based data sharing schemes, a decentralized data sharing system with custom read and write permissions was proposed. The CP-ABE (ciphertext-policy attribute-based encryption) algorithm was combined with the BLS signature algorithm so that the data owner can freely define the read or write strategy for users and bind the strategy to the ciphertexts, letting matched users decrypt the ciphertexts themselves. Experimental results show that the data sharing scheme can outperform another scheme in computation and communication overheads, number of system parameters, signature length, and security level.
Authors
胡奥婷
胡爱群
HU Ao-ting; HU Ai-qun (School of Cyberspace Security, Southeast University, Nanjing, Jiangsu 210096, China)
Source
《北京理工大学学报》
EI
CAS
CSCD
Peking University Core Journal
2019, No. 7, pp. 719-724 (6 pages)
Transactions of Beijing Institute of Technology
Funding
Supported by the National Natural Science Foundation of China (61571110)
Keywords
attribute-based encryption
data sharing
cloud storage security
cloud computing