Abstract
[Objective] The security of data stored in the cloud is an important condition for users to adopt cloud storage services. Generally, mutual trust is required between users and cloud service providers, but centralized cloud servers have a single point of failure, and cloud data is at risk of leakage and loss. [Methods] To solve these problems, a dynamic access control scheme for cloud data based on the Fabric blockchain is proposed. [Results] The scheme solves the trust problem between users and the cloud by using the tamper-resistant nature of the blockchain. It also uses decentralized cloud storage to solve the single point of failure problem of cloud servers, uses smart contracts to execute the scheme automatically, and uses attribute-based encryption to realize dynamic access control over cloud data. [Conclusions] Security analysis and experimental verification show that the scheme has good security and usability.
Authors
胡睿
张功萱
寇小勇
HU Rui; ZHANG Gongxuan; KOU Xiaoyong (School of Cyber Science and Engineering, Nanjing University of Science and Technology, Nanjing, Jiangsu 210094, China; School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing, Jiangsu 210094, China)
Source
《数据与计算发展前沿》
CSCD
2024, Issue 1, pp. 150-161 (12 pages)
Frontiers of Data & Computing
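Funding
National Natural Science Foundation of China project (62272232): Construction of an IaaS trusted virtualization platform and its workflow task scheduling.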
Keywords
blockchain
attribute-based encryption
data access control
cloud storage
smart contract