计算机科学 ›› 2014, Vol. 41 ›› Issue (9): 152-157.doi: 10.11896/j.issn.1002-137X.2014.09.029
陈燕俐,宋玲玲,杨庚
CHEN Yan-li,SONG Ling-ling and YANG Geng
摘要: 存储在云端服务器中的敏感数据的保密和安全访问是云计算安全研究的重要内容。提出了一种安全、高效、细粒度的云计算访问控制方案。密文的加密采用了借助线性秘密共享矩阵的CP-ABE加密算法,并将大部分密文重加密工作转移给云服务提供商执行,在保证安全性的前提下,降低了数据属主的计算代价。该方案在用户属性撤销时,引入SD广播加密技术,有效降低了撤销时的计算开销和通信开销。理论分析表明该方案具有数据机密性、抗合谋攻击性、前向安全和后向安全,最后的实验结果验证了方案具有较高的撤销效率。
[1] Yu Shu-cheng,Wang Cong,Ren Kui,et al.Achiving secure,scalable,and fine-grained data access control in cloud computing[C]∥ INFOCOM,2010 Proceedings IEEE.San Diego,CA,2010:1-9 [2] Do Jeong-min,Song You-jin,Park N.Attribute based Proxy Re-Encryption for Data Confidentiality in Cloud Computing Environments[C]∥2011 First ACIS/JNU International Conference on Computers,Networks,Systems and Industrial Engineering (CNSI).IEEE,Jeju Island,2011:248-251 [3] Wan Zhi-guo,Liu Jun’e,Deng R H.HASBE:A Hierarchical Attribute-Based Solution for Flexible and Scalable Access Control in Cloud Computing[J].IEEE Transaction on Information Forensics and Security,2012,7(2):743-754 [4] Liang Xiao-hui,Lu Rong-xing,Lin Xiao-dong,et al.Ciphertext Policy Attribute Based Encryption with Efficient Revocation[R].Technical Report,University of Waterloo,2010 [5] Sahai A,Seyalioglu H,Waters B.Dynamic Credentials and Ci-phertext Delegation for Attribute-Based Encryption[M]∥Advances in Cryptology-CRYPTO 2012.Springer Berlin Heidelberg,2012:199-217 [6] Goyal V,Pandey O,Sahai A,et al.Attribute-based encryptionfor fine-grained access control of encrypted data[C]∥Procee-dings of the 13th ACM conference on Computer and communications security.ACM,New York,NY,USA,2006:89-98 [7] Bethencourt J,Sahai A,Waters B.Ciphertext-policy attribute- based encryption[C]∥IEEE Symposium on Security and Privacy,2007(SP’07).Berkeley,CA,United states,2007:321-334 [8] Hur J,Noh D K.Attribute-based access control with efficient revocation in data outsourcing systems[J].IEEE Transaction on Parallel and Distributed Systems,2011,2(7):1214-1221 [9] Eissa T,Cho G-H.A Fine Grained Access Control and Flexible Revocation Scheme for Data Security on Public Cloud Storage Services[C]∥2012 International Conference on Cloud Computing Technologies,Applications and Management(ICCCTAM).Dubai,2012:27-33 [10] Attrapadung N,Imai H.Conjunctive broadcast and attribute-based encryption[M]∥Pairing-Based Cryptography-Pairing 2009.Springer Berlin Heidelberg,2009:248-265 [11] Waters B.Ciphertext-policy attribute-based encryption:An expressive,efficient,and provably secure realization[M]∥Public Key Cryptography-PKC 2011.Springer Berlin Heidelberg,2011:53-70 (下转第168页)(上接第157页) [12] Rafaeli S,Hutchison D.A survey of key management for secure group communication[J].ACM Computing Surveys(CSUR),2003,5(3):309-329 [13] Naor D,Naor M,Lotspiech J.Revocation and tracing schemesfor stateless receivers[M]∥Advances in Cryptology-CRYPTO 2001.Springer Berlin Heidelberg,2001:41-62 [14] Beimel A.Secure Schemes for Secret Sharing and Key Distribution[D].Israel Institute of Technology,Technion,Haifa,Israel,1996 [15] Goldreich O,Goldwasser S,Micali S.How to Construct Random Functions[J].JACM,1986,33(4):792-807 [16] Yang Kan,Jia Xiao-hua,Kui Ren.Attributed-based fine-grained access control with efficient revocation in cloud storage systems[C]∥Proceedings of the 8th ACM SIGSAC Symposium on Information,Computer and Communications Security.ACM,New York,NY,USA,2013:523-528 |
No related articles found! |
|