云存储平台下基于属性的数据库访问控制策略

doi:10.11896/j.issn.1002-137X.2016.03.032

Abstract

Abstract: Cloud storage becomes more and more popular in large scale Database’s data store recently because it has features as low-cost,high efficiency,easy-to-use.To shift database from local to cloud storage server is still facing many challenges,especially in access control of database.We designed a “Weight Cipertext-Policy Attribute-Based Encryption” (WCPABE) scheme and proposed a database access control policy based on WCPABE under the cloud storage platform.Through introducing the concept of attribute weight,WCPABE can dynamically reflect each property’s important degrees in database and enhance the ability for database access control.We proposed three kinds of access control strategies based on WCPABE,and proposed WCPABE’s database encryption model in cloud storage platform and achieved effective and safe access control for database,enhancing database security and solving users’ private key problem in distribution and management.Experimental results show that WCPABE has feasibility and effectiveness and the database owner has more diversified means of enhancing security of the database under cloud storage platform.

Key words: Database security,Attribute-based encryption,Access control,Cloud storage

HUANG Bao-hua, JIA Feng-wei and WANG Tian-jing. Database Access Control Policy Based on Attribute in Cloud Storage Platform[J].Computer Science, 2016, 43(3): 167-173.

References

[1] Krutz R L,Vines R D.Cloud security:a comprehensive guide to secure cloud computing[M].Indianapolis,IN:Wiley Publishing,2010:358
[2] Toosi A N,Calheiros R N,Rajkumar B.Interconnected cloud computing environments:challenges,taxonomy,and survey[J].ACM Computing Surveys,2014,47(1):1-47
[3] Zhu Qin,Yu Shou-jian,Le Jia-jin,et al.Research on Security Mechanisms of Outsourced Database[J].Computer Science,2007,34(2):152-156(in Chinese) 朱勤,于守健,乐嘉锦,等.外包数据库系统安全机制研究[J].计算机科学,2007,34(2):152-156
[4] Sahai A,Waters B.Fuzzy Identity-Based encryption [M]∥Advance in Cryptology-EUROCRYPT 2005.Berlin,Germany:Springer-Verlag,2005:557-557
[5] Boneh D,Boyen X.Efficient selective Identity-Based encryption without random oracles[J].J.Cryptology,2011,24(4):659-693
[6] Boneh D,Boyen X.Efficient Selective-ID secure Identity-Based encryption without random oracles[M]∥ Advances in Cryptology-EUROCRYTP 2004.Switzerland:Springer Berlin Heidelberg,2004:223-238
[7] Boneh D,Franklin M.Identity-Based encryption from the weil pairing[J].SIAM Journal on Computing,2003,32(3):586-615
[8] Backes M,Gagn M,Thyagarajan S A K.Fully secure Inner-Product proxy Re-Encryption with constant size ciphertext[C]∥SCC’15.Singapore:ACM,2015:31-40
[9] Goyal V,Pandey O,Amit S,et al.Attribute-Based encryption for fine-grained access control of encrypted data[C]∥13th ACM Conference on Computer and Communications Security.Alexandria,VA,United states:ACM,2006:89-98
[10] Bethencourt J,Amit S,Brent W.Ciphertext-policy attribute-based encryption[C]∥ IEEE Symposium on Security and Privacy,2007(SP ’07).Berkeley,CA,United states,2007:321-334
[11] Cheung L,Newport C.Provably secure ciphertext policy ABE[C]∥14th ACM Conference on Computer and Communications Security.Alexandria,Virginia,USA:ACM,2007:456-465
[12] Khader D.Attribute based search in encrypted data[C]∥2014 ACM Workshop on Information Sharing and Colla.Scottsdale,AZ,United States:ACM,2014:31-40
[13] Chase M,Chow S M.Improving privacy and security in multi-authority attribute-based encryption[C]∥16th ACM Confe-rence on Computer and Communications.Chicago,IL,United States:ACM,2009:121-130
[14] De Caro A,Vincenzo I.Jpbc:Java pairing based cryptography[C]∥2011 IEEE Symposium on Computer and Communications.Kerkyra,Corfu,Greece,2011:850-855

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed

Comments

Recommended 0

No Suggested Reading articles found!

Database Access Control Policy Based on Attribute in Cloud Storage Platform

PDF (PC)

Abstract

Cite this article

share this article

References

Related Articles 0

Metrics

Comments

Recommended 0