Computer Science (计算机科学) ›› 2019, Vol. 46 ›› Issue (8): 194-200. doi: 10.11896/j.issn.1002-137X.2019.08.032

• Information Security •

Efficient Access Control Scheme for Internet of Things Search Technology

ZHANG Yuan-yuan, QIN Ling

  1. (School of Computer Science and Technology, Nanjing Tech University, Nanjing 211816, China)
  • Received: 2018-07-17 Online: 2019-08-15 Published: 2019-08-15
  • Corresponding author: QIN Ling (1980-), male, master's degree, lecturer. His main research interests include industrial informatization and industrial system integration. E-mail: ql@njtech.edu.cn
  • About the author: ZHANG Yuan-yuan (1994-), female, master's degree. Her main research interest is information security. E-mail: 1427369987@qq.com

Abstract: Internet of Things (IoT) search technology is widely used in daily life. However, because IoT search engines are open and the search backend is not fully trusted, information stored in the search backend faces serious security problems. To address this, this paper proposes a secure and efficient attribute-based access control scheme that supports ciphertext search. For data protection, partial hiding of the access policy and decentralization of the attribute authority are used to protect user attribute information and data, and fixed-length ciphertexts are used to improve algorithm efficiency and save storage space. The paper also proposes an attribute revocation scheme that supports policy comparison, which reduces the computational complexity of traditional revocation schemes and improves re-encryption efficiency. For ciphertext search, super peers are introduced and a hybrid index is used to improve retrieval efficiency. Experimental analysis shows that the scheme efficiently solves the security problems in IoT search technology.

Key words: Partially hidden access policy, Attribute authority, Ciphertext search, Internet of Things search technology, Attribute revocation

CLC Number:

  • TP393