摘要
属性加密是在云环境下实现细粒度访问控制的有效工具,但同类方案并未较好地解决数据所有者的隐私保护和解密权限临时授权问题。文章将属性代理重加密技术与Nishide等的属性加密方案相结合,提出同时支持访问策略隐藏和解密权限临时授权的密文策略属性加密方案。此外,文章利用新方案解决了医疗云环境下属性访问控制系统的构造问题。安全性分析表明,新的属性加密方案并未破坏底层方案的安全性,而且不会向代理服务器泄露数据所有者的解密私钥。
Attribute-based encryption(ABE)is an effective tool for fine-grained access control in cloud environments.Nevertheless,existing schemes do not address the problems of users’privacy protection and temporary decryption authorization well.By incorporating the technique of attribute-based proxy re-encryption with Nishide et al.’s ABE,the paper proposes a ciphertext-policy ABE that supports both access policy hiding and temporary decryption authorization.Additionally,the new scheme can help to construct an attribute-based access control system oriented to a healthcare cloud environment.Security analysis shows that the new scheme does not compromise the security of the underlying scheme and does not disclose the data owner’s decryption key to proxy servers.
作者
王思雨
邢玉杰
李超会
贾萍
柳欣
Wang Siyu;Xing Yujie;Li Chaohui;Jia Ping;Liu Xin(School of Information Engineering,Shandong Youth University of Political Science,Jinan 250013,China;New Technology Research and Development Center of Intelligent Information Controlling in Universities of Shandong,Jinan 250103,China;Smart Healthcare Big Data Engineering and Ubiquitous Computing Characteristic Laboratory in Universities of Shandong,Jinan 250103,China)
出处
《无线互联科技》
2023年第20期165-168,共4页
Wireless Internet Technology
基金
山东青年政治学院大学生创新创业训练计划项目,项目名称:医疗云环境下的可问责属性访问控制系统设计,项目编号:S2023142771109
山东省本科教学改革研究项目,项目名称:融合“两性一度”理念的实践课程混合式教学改革研究——以“单片机原理与应用”课程为例,项目编号:M2022246
山东青年政治学院教学成果奖培育项目,项目名称:面向计科专业创新能力培养的算法系列课程群“3+1”教学模式研究与实践,项目编号:CGPY202208。
关键词
隐私保护
属性加密
代理重加密
属性访问控制
privacy protection
attribute-based encryption
proxy re-encryption
attribute-based access control