Computer Science

Computer Science ›› 2023, Vol. 50 ›› Issue (9): 16-25.doi: 10.11896/jsjkx.230500239

• Data Security • Previous Articles     Next Articles

Study on Blockchain Based Access Control Model for Cloud Data

TONG Fei1,2,3, SHAO Ranran1,2   

  1. 1 School of Cyber Science and Engineering,Southeast University,Nanjing 211189,China
    2 Key Laboratory of Computer Network and Information Integration of Ministry of Education(Southeast University),Nanjing 211189,China
    3 Purple Mountain Laboratories,Nanjing 211111,China
  • Received:2023-05-31 Revised:2023-07-09 Online:2023-09-15 Published:2023-09-01
  • About author:TONG Fei,born in 1987,Ph.D,professor,Ph.D supervisor,is a member of China Computer Federation.His main research interests include Internet of Things and ubiquitous networking intelligence & security.
  • Supported by:
    National Natural Science Foundation of China(61971131) and “Zhishan” Scholars Programs of Southeast University(2242021R41157).

PDF (PC)

2151

Abstract: The combination of blockchain and ciphertext policy sttribute based rncryption(CP-ABE) schemes has been widely used in the access control of sharing data on the cloud,but the privacy protection of data users in these schemes has not been solved.Some studies introduce distributed multi-authority attribute based signature schemes(DMA-ABS) to protect the privacy of data users,but when the data user accesses the data multiple times,it is necessary to perform repeated permission verification,which will cause unnecessary time consumption.And when the attributes and access control policies of data users are relatively unchanged,data users can access shared data repeatedly and infinitely,system overload and affect normal request processing.This may cause the leakage of cloud data, posing a hidden danger to the security of cloud data.At the same time,the behavior of data users changes dynamically.A data user who once perform well may have some malicious behaviors such as frequent access to data,illegal access to data,which brings hidden dangers to data security.Firstly,the smart contract is combined with the CP-ABE scheme of multi-attribute authority center to realize the fine-grained access control of personal privacy data in the cloud,and the distributed multi-authority attribute based signature scheme is introduced.The anonymous identity verification of data users is completed to protect the identity privacy of data users.Secondly,based on the idea of unspent transaction output(UTXO ) of Bitcoin,the digital token is designed to realize once authorization and multiple access.Finally,this scheme implements an access control process based on hyperledger fabric,and compares it with existing schemes in terms of access time overhead.The results indicate that the proposed scheme can effectively reduce access time overhead and improve access efficiency.

Key words: Blockchain, Access control, Ciphertext policy attribute based encryption, Access token, Smart contract

CLC Number: 

  • TP18
[1]SHARMA S.Expanded cloud plumes hiding Big Data ecosystem[J].Future Generation Computer Systems,2016,59:63-92.
[2]数安时代GDCA.CapitalOne数据泄露影响1.06亿人[EB/OL].https://www.sohu.com/a/330584204_604699.2019-07.
[3]隐查查.2022年国内外个人信息泄露大事件盘点[EB/OL].https://zhuanlan.zhihu.com/p/598514200.2023-01.
[4]RASORI M,LAMANNA M,PERAZZO P,et al.A Survey onAttribute-Based Encryption Schemes Suitable for the Internet of Things[J].IEEE Internet of Things Journal,2022,9(11):8269-8290.
[5]LI J G,ZHANG Y C,NING J T,et al.Attribute Based Encryption with Privacy Protection and Accountability for CloudIoT[J].IEEE Transactionson Cloud Computing,2022,10(2):762-773.
[6]CHEN N Y,LI J G,ZHANG Y C,et al.Efficient CP-ABEScheme With Shared Decryption in Cloud Storage[J].IEEE Transactions on Computers,2022,71(1):175-184.
[7]BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-PolicyAttribute-Based Encryption[C]//2007 IEEE Symposiumon Security and Privacy.2007:321-334.
[8]HUANG K Q.Secure Efficient Revocable Large UniverseMulti-Authority Attribute-Based Encryption for Cloud-Aided IoT[J].IEEE Access,2021,9:53576-53588.
[9]KAMALAKANTA S,ANKIT P,PADMALOCHAN B.PMTER-ABE:a Practical Multi-Authority CP-ABE with Traceability,Revocation and Outsourcing Decryption for Secure Access Control in Cloud Systems[J].Cluster Computing,2021,24(2):1525-1550.
[10]HIKHA M, ANSHUMAN K, GÜRKAN G,et al.A Survey on Role of Blockchain for IoT:Applications and Technical Aspects[J].Computer Networks,2023,227:109726.
[11]LSHEHRI S, RADZISZOWSKI S, RAJ R.Secure Access for Healthcare Datain the Cloud Using Ciphertext-Policy Attribute-Based Encryption[C]//2012 IEEE 28th Iternational Conference on Data Engineering Workshops.2012:143-146.
[12]EL GAFIF H,TOUMANARI A.Efficient Ciphertext-PolicyAttribute-Based Encryption Constructions with Outsourced Encryption and Decryption[J].Security and Communication Networks,2021,2021(3):1-17.
[13]LIU Z C,JIANG Z,WANG X,et al.Practical Attribute-Based Encryption:Outsourcing Decryption,Attribute Revocation and Policy Updating[J].Journal of Network and Computer Applications,2018,108:112-123.
[14]LI T,ZHANG J W,LIN Y X,et al.Blockchain-Based Fine-Grained Data Sharing for Multiple Groups in Internet of Things[J].Security and Communication Networks,2021,12(3):123-135.
[15]SREENIVASA Y R.A Secure and Efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records Sharing in Cloud Computing[J].Future Generation Computer Systems,2017,67(2):133-151.
[16]LI S X,LI R X,ZHANG Y,et al.CBI:A Data Access Control System Based on Cloud and Blockchain Integration[C]//2020 IEEE 22nd International Conferenceon High Performance Computing and Communications;IEEE 18th International Confe-rence on Smart City;IEEE 6th International Conference on Data Science and Systems.2020:715-721.
[17]ZOU Y P,PENG T,ZHONG W T,et al.Reliable and Controllable Data Sharing Based on Blockchain[C]//First International Conference on Ubiquitous Security.2021:448-461.
[18]MALAMAS V,KOTZANIKOLAOU P,DASAKLIS T,et al.A Hierarchical Multi Blockchain for Fine Grained Access to Medical Data[J].IEEE Access,2020,8:134393-134412.
[19]OKAMOTO T,TAKASHIMA K K.Decentralized Attribute-Based Signatures[C]//International Workshop on PublicKey Cryptography.2013:125-142.
[20]ZHANG Y R,HE D B,CHOO K R.BaDS:Blockchain-BasedArchitecture for Data Sharing with ABS and CP-ABE in IoT[J].Wireless Communications and Mobile Computing,2018,1(11):1-9.
[21]LI G,SATO H.A Privacy-Preserving And Fully Decentralized Storage and Sharing System on Blockchain[C]//2019 IEEE 43rd Annual Computer Software and Applications Conference.2019:694-699.
[22]BEIMEL A.Secure Schemes for Secret Sharing and Key Distribution[D].Technion:Israel Institute of Technology,1996.
[23]OKAMOTO T,KASUYUKI T.Decentralized Attribute-Based Encryption and Signatures[J].IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences,2020,E103.A(1):41-73.
[1] ZHAO Mingmin, YANG Qiuhui, HONG Mei, CAI Chuang. Smart Contract Fuzzing Based on Deep Learning and Information Feedback [J]. Computer Science, 2023, 50(9): 117-122.
[2] WANG Junlu, LIU Qiang, ZHANG Ran, JI Wanting, SONG Baoyan. Blockchain-based Dual-branch Structure Expansion Model [J]. Computer Science, 2023, 50(8): 365-371.
[3] YANG Jian, WANG Kaixuan. Tripartite Evolutionary Game Analysis of Medical Data Sharing Under Blockchain Architecture [J]. Computer Science, 2023, 50(6A): 221000080-7.
[4] TAN Pengliu, WANG Runshu, ZENG Wenhao, WANG Shikun, ZOU Wenshi. Overview of Blockchain Consensus Algorithms [J]. Computer Science, 2023, 50(6A): 220400200-12.
[5] ZHENG Hong, QIAN Shihui, LIU Zerun, DU Wen. Formal Verification of Supply Chain Contract Based on Coloured Petri Nets [J]. Computer Science, 2023, 50(6A): 220300220-7.
[6] HUANG Baohua, PENG Li, ZHAO Weihong, CHEN Ningjiang. Practical Byzantine Consensus Algorithm Based on Verifiable Random Functions [J]. Computer Science, 2023, 50(6A): 220300064-6.
[7] LIN Feilong, YUE Yuedong, ZHENG Jianhui, CHEN Zhongyu, LI Minglu. Blockchain-based Identity Authentication and Authorization Mechanism [J]. Computer Science, 2023, 50(6A): 220700158-9.
[8] PAN Lu, LUO Tao, NIU Xinzheng. Restart and Recovery Algorithm Based on Distributed Cluster Nodes [J]. Computer Science, 2023, 50(6A): 220300205-6.
[9] XIAO Jian, YANG Min. Multi-factor Blockchain Private Key Protection Scheme Based on Secret Sharing [J]. Computer Science, 2023, 50(6): 307-312.
[10] LIU Wei, GUO Lingbei, XIA Yujie, SHE Wei, TIAN Zhao. Raft Consensus Algorithm Based on Credit Evaluation Model [J]. Computer Science, 2023, 50(6): 322-329.
[11] ZHANG Shue, TIAN Chengwei, LI Baogang. Review of Identity Authentication Research Based on Blockchain Technology [J]. Computer Science, 2023, 50(5): 329-347.
[12] PEI Cui, FAN Guisheng, YU Huiqun, YUE Yiming. Auction-based Edge Cloud Deadline-aware Task Offloading Strategy [J]. Computer Science, 2023, 50(4): 241-248.
[13] LIU Zerun, ZHENG Hong, QIU Junjie. Smart Contract Vulnerability Detection Based on Abstract Syntax Tree Pruning [J]. Computer Science, 2023, 50(4): 317-322.
[14] MA Qican, WU Zehui, WANG Yunchao, WANG Xinlei. Approach of Web Application Access Control Vulnerability Detection Based on State Deviation Analysis [J]. Computer Science, 2023, 50(2): 346-352.
[15] LI Bei, WU Hao, HE Xiaowei, WANG Bin, XU Ergang. Survey of Storage Scalability in Blockchain Systems [J]. Computer Science, 2023, 50(1): 318-333.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.