摘要
随着互联网技术的飞速发展,数据隐私安全受到了广泛关注。医疗行业与人们生活息息相关,医疗信息系统中存储着大量有价值且涉及患者隐私的数据,而属性基加密技术是解决细粒度一对多访问控制加密问题非常好的方法。但当前的属性基加密技术尚存在一些问题,如密文访问策略暴露、解密效率低下等。因此,提出一个支持访问策略隐藏和高效解密的属性基加密访问控制模型(HO-CP-ABE),基于LSSS线性秘密共享对访问策略进行隐藏,以保证密文访问策略隐私安全。同时引入外包解密技术,将大部分解密任务交给云服务器,以缓解用户端的计算压力。在性能分析中对比传统方案,该方案不仅提升了密文数据存储的安全性,而且成功使用户端的解密开销降低到恒定水平,有效提升了系统整体效率。
Nowadays,with the rapid development of Internet technology,data privacy security is widely concerned.The medical industry is closely related to people′s lives,and a large amount of valuable and private patient data is stored in medical information systems,and attribute-based encryption is a very good solution to the problem of fine-grained one-to-many access control encryption.However,there are some issues with current attribute-based encryption techniques,such as exposed ciphertext access policy and inefficient decryption.Therefore,this paper proposes an attribute-based encryption access control model(HO-CP-ABE)that supports access policy hiding and efficient decryption,which addresses the current problem of hiding access policy based on LSSS linear secret sharing to ensure ciphertext access policy privacy and security,and introduces outsourcing decryption technology to give most of the decryption tasks to cloud servers to relieve the computing pressure on the user side.In the performance analysis,compared with traditional solutions,this solution not only improves the security of ciphertext data storage,but also successfully reduces the user decryption overhead to a constant level,which effectively improving the overall system efficiency.
作者
董涵宁
张伟
DONG Hanning;ZHANG Wei(School of Computer Science,Beijing Information Science&Technology University;Beijing Advanced Innovation Center for Fu-ture Blockchain and Privacy Computing,Beijing Information Science&Technology University,Beijing 100101,China)
出处
《软件导刊》
2024年第5期108-113,共6页
Software Guide
基金
国家重大研发计划项目(2022YFC3320900)。
关键词
属性基加密
访问控制
隐私保护
策略隐藏
外包解密
attribute-based encryption
access control
privacy protection
policy hiding
outsourcing decryption