摘要
命名数据网络中信息缓存技术使数据发布者和数据解耦,导致存储节点中的数据由于缺少安全控制而面临安全威胁。针对该问题提出一种基于密文策略的属性加密(CP-ABE)的访问控制方法,将改进的CP-ABE算法与对称加密算法相结合,在边缘路由器引入一个重加密模块协调访问受保护数据和实现权限撤销,同时构建哈希表兴趣包过滤机制,在半可信缓存路由器上实现了细粒度访问控制和权限撤销。实验结果表明:该方法减少了数据发布、数据请求处理的开销,同时提高了数据访问效率。
Information caching technology in NDN improves data distribution efficiency.However,information caching decouples data publishers from data.The data in the storage node is at risk due to lack of security controls.Therefore,an access control method based on CP-ABE is proposed in NDN,which combines the improved CP-ABE algorithm with symmetric encryption,and introduces a re-encryption module in the edge router for protected data access coordination and privilege revocation.At the same time,a hash table-based interest packet filtering mechanism is built,implementing fine-grained access control and privilege revocation on a semi-trusted cache router.Theoretical analysis and experimental simulation results show that the proposed method reduces the overhead of data publishing and data request processing and improves data access efficiency.
作者
吴志军
许恩中
WU Zhijun;XU Enzhong(College of Electronic Information and Automation,CAUC,Tianjin 300300,China)
出处
《中国民航大学学报》
CAS
2020年第2期18-23,共6页
Journal of Civil Aviation University of China
基金
国家自然科学基金项目(61601467)
天津市自然科学基金项目(17JCZDJC30900)
中央高校基本科研业务费专项(3122018D007)。
