摘要
有越来越多的用户选择云为其进行存储、运算、共享等数据处理工作,因此云端数据量与日俱增,其中不乏敏感数据和隐私信息.如何对用户托管于云端的数据进行授权管理,保证数据机密性、访问授权有效性等至关重要.为此,提出一种基于代理重加密(proxy re-encryption,简称PRE)的云端数据访问授权的确定性更新方案(proxy re-encryption based assured update scheme of authorization,简称PAUA).首先将提出PAUA方案的前提假设和目标,其次论述系统模型和算法,最后对PAUA进行讨论和分析.PAUA方案将减轻用户在数据共享时的计算量,同时将重加密密钥进行分割管理,实现授权变更时,密钥的确定性更新.
More and more people select cloud as an important tool for data storing, processing and sharing, as a result, the data in cloud increases rapidly, including some sensitive and privacy information. It is a vital problem to manage the authorizations of hosted data in cloud for confidentiality and effectiveness of access control. This study proposes a proxy re-encryption based assured update scheme of authorization for cloud data(PAUA) in light to solve the above mentioned problem. Firstly, the aims and assumptions of PAUA are given. Secondly, the system model and algorithm are shown. Finally, the comparisons with PAUA and the current status are carried out. The PAUA reduces the encryption and decryption work of personal users. Meanwhile, it ensures the permission updating by dividing the parameters of re-encryption key generation.
作者
苏铓
吴槟
付安民
俞研
张功萱
SU Mang;WU Bin;FU An-Min;YU Yan;ZHANG Gong-Xuan(School of Computer Science and Engineering,Nanjing University of Science and Technology,Nanjing 210094,China;State Key Laboratory of Information Security(Institute of Information Engineering,Chinese Academy of Sciences),Beijing 100093,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China)
出处
《软件学报》
EI
CSCD
北大核心
2020年第5期1563-1572,共10页
Journal of Software
基金
国家自然科学基金(61702266,61572255)
江苏省自然科学基金(BK20150787,BK20141404)
赛尔网络下一代互联网技术创新项目(NGII20170404)。
关键词
代理重加密
确定性更新
密文访问控制
授权管理
云计算
proxy re-encryption
assured update
cipher text access control
authorization management
cloud computing
