计算机科学 ›› 2019, Vol. 46 ›› Issue (8): 194-200.doi: 10.11896/j.issn.1002-137X.2019.08.032
章园园, 秦岭
ZHANG Yuan-yuan, QIN Ling
摘要: 物联网搜索技术在日常生活中有着广泛应用,但由于物联网搜索引擎的开放性和搜索后台的不完全可信性,存储于搜索后台的信息存在严重的安全问题。针对该问题,提出一种安全、高效的支持密文搜索的属性基访问控制方案。在数据保护方面,为了确保用户属性信息和数据的安全,使用了访问策略部分隐藏和属性授权机构去中心化等方法,并且使用密文定长的方式提高算法效率和节约存储空间。同时,提出一种支持策略对比的属性撤销方案,降低了传统撤销方案中的计算复杂度,提高了重加密效率。在密文搜索方面,引入超级节点并使用混合索引的方式提高了检索效率。实验分析表明,该方案高效地解决了物联网搜索技术中的安全问题。
中图分类号:
[1]WANG J H,LIU C Y,FANG B X.A Survey of Research on Data Privacy Protection for Internet of Things Search[J].Journal of Communications,2016,37(9):142-153.(in Chinese) 王佳慧,刘川意,方滨兴.面向物联网搜索的数据隐私保护研究综述[J].通信学报,2016,37(9):142-153. [2]GORLATYKH A,ZAPECHNIKOV S.Building access tree for attribute-based encryption schemes over multidimensional data objects[C]∥IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering.IEEE,2018:1496-1499. [3]CANARD S,PHAN D H,TRINH V C.Attribute-based broadcast encryption scheme for lightweight devices[J].IET Information Security,2018,12(1):52-59. [4]LUAN I,PETKOVIC M,NIKOVA S,et al.Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application[C]∥Information Security Applications,International Workshop.Wisa 2009,2009. [5]YANG F,YUAN Q,DU S,et al.Reserving relief supplies for earthquake:a multi-attribute decision making of China Red Cross[J].Annals of Operations Research,2016,247(2):759-785. [6]EWENIKE S,BENKHELIFA E,CHIBELUSHI C.Cloud Based Collaborative Software Development:A Review,Gap Analysis and Future Directions[C]∥IEEE/ACS,International Confe-rence on Computer Systems and Applications.IEEE,2018:901-909. [7]WANG S,ZHOU J,LIU J K,et al.An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing[J].IEEE Transactions on Information Forensics & Security,2017,11(6):1265-1277. [8]XU X,ZHANG Q,ZHOU J.NC-MACPABE:Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems[J].Journal of Central South University,2017,24(4):807-818. [9]GAO W,WANG G,CHEN K,et al.Efficient identity-based threshold decryption scheme from bilinear pairings[J].Frontiers of Computer Science,2018,12(2):1-13. [10]GUO F,MU Y,SUSILO W,et al.Optimized Identity-Based Encryption from Bilinear Pairing for Lightweight Devices[J].IEEE Transactions on Dependable & Secure Computing,2017,14(2):211-220. [11]MALLUHI Q M,TRINH V C.A Ciphertext-Policy Attribute-based Encryption Scheme with Optimized Ciphertext Size And Fast Decryption[C]∥ACM on Asia Conference on Computer and Communications Security.ACM,2017:230-240. [12]ZIRTOL K A,NOROOZI M,ESLAMI Z.Multi-user searchable encryption scheme with general access structure[C]∥International Conference on Knowledge-Based Engineering and Innovation.IEEE,2016:399-404. [13]MEI Z,ZHU H,CUI Z,et al.Executing multi-dimensional range query efficiently and flexibly over outsourced ciphertexts in the cloud[J].Information Sciences,2018,432(1):79-96. [14]LIN S,ZHANG R,MA H,et al.Revisiting Attribute-Based Encryption With Verifiable Outsourced Decryption[J].IEEE Transactions on Information Forensics & Security,2017,10(10):2119-2130. [15]WANG N,FU J,BHARGAVA B K,et al.Efficient Retrieval over Documents Encrypted by Attributes in Cloud Computing[J].IEEE Transactions on Information Forensics and Security,2018,13(10):2653-2667. [16]FAN K,WANG X,SUTO K,et al.Secure and Efficient Privacy-Preserving Ciphertext Retrieval in Connected Vehicular Cloud Computing[J].IEEE Network,2018,32(3):52-57. [17]MA H,ZHANG R,WAN Z,et al.Verifiable and Exculpable Outsourced Attribute-Based Encryption for Access Control in Cloud Computing[J].IEEE Transactions on Dependable & Secure Computing,2017,14(6):679-692. [18]YAN X X,LIU Y,LI Z C,et al.Multi-attribute attribute-based encryption scheme supporting dynamic update of policies[J].Journal of Communications,2017,38(10):94-101.(in Chinese) 闫玺玺,刘媛,李子臣,等.支持策略动态更新的多机构属性基加密方案[J].通信学报,2017,38(10):94-101. [19]CHI P W,LEI C L.Audit-Free Cloud Storage via Deniable Attribute-based Encryption[J].IEEE Transactions on Cloud Computing,2018,6(2):414-427. [20]HAN J,YANG Y,LIU J K,et al.Expressive attribute-based keyword search with constant-size ciphertext[J].Soft Computing,2018,22(15):5163-5177. |
[1] | 乔毛,秦岭. 云存储服务中一种高效属性撤销的AB-ACCS方案 AB-ACCS Scheme for Revocation of Efficient Attributes in Cloud Storage Services 计算机科学, 2019, 46(7): 96-101. https://doi.org/10.11896/j.issn.1002-137X.2019.07.015 |
[2] | 江泽涛,黄锦,胡硕,徐智. 云计算下可撤销的全外包CP-ABE方案 Fully-outsourcing CP-ABE Scheme with Revocation in Cloud Computing 计算机科学, 2019, 46(7): 114-119. https://doi.org/10.11896/j.issn.1002-137X.2019.07.018 |
[3] | 刘胜杰, 王静. 云环境下SNS隐私保护方案 Privacy Preserving Scheme for SNS in Cloud Environment 计算机科学, 2019, 46(2): 133-138. https://doi.org/10.11896/j.issn.1002-137X.2019.02.021 |
[4] | 王静, 司书建. 面向脑机接口技术的属性可撤销访问控制方案 Attribute Revocable Access Control Scheme for Brain-Computer Interface Technology 计算机科学, 2018, 45(9): 187-194. https://doi.org/10.11896/j.issn.1002-137X.2018.09.031 |
[5] | 张光华, 刘会梦, 陈振国. 云计算环境下基于属性的撤销方案 Attribute-based Revocation Scheme in Cloud Computing Environment 计算机科学, 2018, 45(8): 134-140. https://doi.org/10.11896/j.issn.1002-137X.2018.08.024 |
[6] | 张柄虹,张串绒,焦和平,张欣威. 一种属性可撤销的安全云存储模型 Secure Model of Cloud Storage Supporting Attribute Revocation 计算机科学, 2015, 42(7): 210-215. https://doi.org/10.11896/j.issn.1002-137X.2015.07.046 |
|