Computer Science ›› 2016, Vol. 43 ›› Issue (9): 165-168. doi: 10.11896/j.issn.1002-137X.2016.09.032

• Information Security •

Research on Access Control Model in Multi-clouds Storage System Based on CP-ABE

YIN Kai-ze and WANG Hai-hang

  1. College of Electronics and Information Engineering, Tongji University, Shanghai 201804
  • Online: 2018-12-01 Published: 2018-12-01

Abstract: Applying an access control mechanism based on ciphertext-policy attribute-based encryption (CP-ABE), designed for a single cloud, to a multi-cloud storage system runs into a policy conflict problem. To address it, an attribute mapping mechanism was designed and, by extending CP-ABE, an access control model suitable for multi-cloud storage systems was proposed. The mapping mechanism targets the tree-shaped access structure of CP-ABE and the attribute value types it supports. Finally, the framework and workflow of the model are described in detail, the effectiveness of the model is verified by building a simple prototype system, and the performance of the prototype system is analyzed. The proposed model has theoretical value and practical significance for research on access control in multi-cloud storage systems.

Key words: Ciphertext-policy attribute-based encryption, Access control, Policy conflict, Attributes mapping, Multi-clouds storage system

