属性可撤销且密文长度恒定的属性基加密方案

密文策略属性基加密（ciphertext-policy attribute-based encryption,CP-ABE）类似于基于角色访问控制,可以为云存储系统提供灵活细粒度的访问控制.但大多数CP-ABE方案中,密文长度与访问策略复杂度成正相关,系统属性同时被多个用户共享而导致属性难以被撤销.针对上述问题,本文提出一种支持属性撤销且密文长度恒定的属性基加密方案.该方案中每个用户的属性群密钥不能通用,可以有效抵抗撤销用户与未撤销用户的合谋攻击.为减少属性授权机构和数据拥有者的计算负担,属性撤销过程所需的计算量外包给数据服务管理者;同时该方案采用支持多值属性和通配符的"AND"门策略,实现了密文长度恒定.所提方案基于决策性q-BDHE（q-bilinear Diffie-Hellman exponent）假设对方案进行了选择明文攻击的安全性证明.最后对方案进行了理论分析与实验验证,分析结果表明本文方案可以有效抵制用户合谋攻击,增加了方案的安全性.同时所提方案在功能和计算效率方面具有一定优势,适用于实际应用情况.     

通信的传媒属性

介绍了通信与传媒(媒体)的概念,通信与传播的界定,以及从技术、业务和产业发展的角度详细分析了通信的传媒属性.认为传媒是传播的渠道,通信技术的创新促进了传媒的演变,通信业务已具有传媒属性,凸显了丰富的传媒功能.认为通信产业正在融合传媒产业的内容资源.在技术进步、业务创新以及产业融合的驱动下,通信的范围会进一步向传媒延伸.     

基于属性相关性划分的多敏感属性隐私保护方法

近年来,基于l-多样性的多维敏感属性的隐私保护研究日趋增多,然而大部分多敏感属性隐私保护方法都是基于有损分解的思想,破坏了数据间的关系,降低了数据效用.为此,提出了一种面向多敏感属性的隐私模型,首先给出一种l-maximum原则用以满足多敏感属性l-多样性要求;其次,为了保护属性间的相关性,根据属性间的依赖度对属性进行划分;最后设计并实现了MSA l-maximum（Multiple Sensitive Attributes l-maximum）算法.实验结果表明,提出的模型在保护隐私不泄露的同时,减少了元组的隐匿率,并且保护了数据间的关系.     

基于多属性模糊C均值聚类的属性约简算法

模糊C均值聚类算法在处理高维数据集时,存在计算复杂度高,算法泛化能力差,计算精度低等问题。考虑到特征属性对聚类的贡献程度的差异,在多属性模糊C均值聚类的思想上,提出一种基于属性重要性的约简算法。为验证有效性,在UCI数据集上,将新算法与因子分析法和粗糙集理论约简方法进行比较分析。实验结果表明,该方法具有更好的泛用性,在平均标准差大或类间中心距离较远的数据集上具有更好的性能。     

多属性机构环境下的属性基认证密钥交换协议

已有基于属性的认证密钥交换协议都是在单属性机构环境下设计的,而实际应用中不同属性机构下的用户也有安全通信的需求。该文在Waters属性基加密方案的基础上提出了一个多属性机构环境下的属性基认证密钥交换协议,并在基于属性的eCK(extended Canetti-Krawczyk)模型中将该协议的安全性归约到GBDH(Gap Bilinear Diffie-Hellman)和CDH(Computational Diffie-Hellman)假设,又通过布尔函数传输用线性秘密共享机制设计的属性认证策略,在制订灵活多样的认证策略的同时,显著地降低了通信开销。     

基于外观属性和交互属性浅议GUI的客体判断标准

图形用户界面(GUI)包括界面外观属性和界面交互属性,其中界面外观属性又分为静态界面外观属性和动态界面外观属性,界面交互属性又分为界面交互规则和界面交互技术.从图形用户界面的界面外观属性和界面交互属性入手,通过选取正反两方面的案例,深入分析了涉及图形用户界面的申请在何种情况下属于专利保护的客体.对于与图形用户界面相关的权利要求的撰写有一定的指导意义.     

播音主持语言属性之我见

长期以来播音主持语言面貌对于本专业的初学者亦或是大多数专业从业人员而言,都是一个入门难的问题。介于播音主持语言作为一种艺术表现形式,正确的入门方式和延伸探究是在其学习和提升过程中至关重要的环节。同时介于其艺术表现形式的独特性,作者认为其不存在仅有唯一一种入门形式的观点。因为播音主持语言是以二次创作为主的创作形式,因此学习和研究方法的多样性也是其学习特点之一。     

基于属性的访问控制研究进展

 基于属性的访问控制(ABAC)能够解决开放网络环境下资源保护所面临的细粒度问题以及网络系统所面临的大规模用户问题,为未来的开放网络环境提供了较为理想的访问控制策略方案．本文从ABAC理论和应用研究两个方面详细分析和总结了ABAC国内外的现有研究成果,分析了ABAC研究尚待解决的问题及未来研究趋势,为未来开放网络环境中的复杂信息系统访问控制研究提供借鉴和文献参考．     

基于遗传算法的属性约简

属性约简是知识发现的重要步骤。但从属性集中选择最优子集属于NP-hard问题。文章提出的遗传属性抽取算法，以属性的可分性度量为偏置，并引入禁忌表搜索策略，降低了搜索空间；采用退火选择来保持种群的个体多样性，防止未成熟收敛；算法内置的分类器采用人工神经网络，并提出了基于有监督聚类的人工神经网络分类算法，有效地降低了人工神经网络分类器的训练时间。实验分析表明，算法能够从高维数、大数据集合中有效降低数据维数。提高数据的分类准确性。     

台湾网络电视及其粉丝属性

随着网络带宽技术的进步,多样化的影音应用软件已使得消费者可以借助网络收看全球的电视节目。丰富且即时的数字影音节目,造就网络电视粉丝群的诞生并使得网络电视成为一股风潮。台湾的有线电视与无线电视普及,已具备多样的影音内容产品,但即使如此,网络电视所带来的即时性与丰富内容,依旧吸引多数消费者加入网络电视行列。     

支持直接撤销的密文策略属性基加密方案

提出一种支持直接撤销的属性基加密方案,首先给出支持直接撤销的属性基加密定义和安全模型,其次给出具体的支持撤销的密文策略——属性基加密方案并对安全性进行证明,最后,与其他方案对比显示,该方案在密文和密钥长度方面都有所减少。该方案可以实现对用户进行即时撤销,当且仅当用户所拥有的属性满足密文的访问结构且不在用户撤销列表内时,才能使用自己的私钥解密出明文。     

数据外包环境下一种支持撤销的属性基加密方案

In order to support fine-grained attribute revocation in data outsourcing systems,an attribute-based encryption scheme with efficient revocation in indirect revocation model was proposed.The model of ABE supporting attribute revocation was given,and a concrete scheme was constructed which proved its security under the standard model.Compared to the existing related schemes,the size of ciphertext and private/secret key is reduced,and the new scheme achieves fine-grained and immediate attribute revocation which is more suitable for the practical applications.     

Attribute-based encryption scheme supporting attribute revocation in cloud storage environment

Attribute-based encryption (ABE) scheme is widely used in the cloud storage due to its fine-grained access control.Each attribute in ABE may be shared by multiple users at the same time.Therefore,how to achieve attribute-level user revocation is currently facing an important challenge.Through research,it has been found that some attribute-level user revocation schemes currently can’t resist the collusion attack between the revoked user and the existing user.To solve this problem,an attribute-based encryption scheme that supported the immediate attribute revocation was proposed.The scheme could achieve attribute-level user revocation and could effectively resist collusion attacks between the revoked users and the existing users.At the same time,this scheme outsourced complex decryption calculations to cloud service providers with powerful computing ability,which reduced the computational burden of the data user.The scheme was proved secure based on computational Diffie-Hellman assumption in the standard model.Finally,the functionality and efficiency of the proposed scheme were analyzed and verified.The experimental results show that the proposed scheme can safely implement attribute-level user revocation and has the ability to quickly decrypt,which greatly improves the system efficiency.     

Access control scheme with attribute revocation for SWIM

Access control scheme is proposed for System Wide Information Management (SWIM) to address the problem of attribute revocation in practical applications. Based on the attribute based encryption (ABE), this scheme introduces the proxy re-encryption mechanism and key encrypting key (KEK) tree to realize fine-grained access control with attribute revocation. This paper defines the attributes according to the status quo of civil aviation. Compared with some other schemes proposed before, this scheme not only shortens the length of ciphertext (CT) and private key but also improves the efficiency of encryption and decryption. The scheme can resist collusion attacks and ensure the security of data in SWIM.     

云存储系统中支持用户隐私保护的细粒度访问控制

从云存储实际需求出发,设计了一个云存储环境下支持用户隐私保护和用户属性撤销的多属性权威的属性加密机制,为了保证系统实现的效率和减轻数据持有者的负担,在属性撤销中,复杂的计算任务都委托给可信第三方或云服务器完成。所提方案在DBDH假设下被证明是安全的。     

Data sharing scheme supporting secure outsourced computation in wireless body area network

How to effectively protect the security of data sharing in WBAN was a key problem to be solved urgently.The traditional CP-ABE mechanism had a 〝one to many〝 data security communication function which was suitable for access control in WBAN,but it had high computational complexity and did not support attribute revocation.Fully considering of limitations on computation and storage of sensor nodes and dynamic user attribute in WBAN,a CP-ABE scheme was proposed which was provably secure against CPA under the standard model and supported attributes revocation,outsourced encryption and decryption.Compared with the proposed schemes,the computation burden on senor nodes is greatly reduced and the user's attribution can be revoked immediately and fine grained while meeting the demand of its security in the proposed scheme.     

SecCloudSharing: Secure data sharing in public cloud using ciphertext‐policy attribute‐based proxy re‐encryption with revocation

An efficient cryptography mechanism should enforce an access control policy over the encrypted data to provide flexible, fine‐grained, and secure data access control for secure sharing of data in cloud storage. To make a secure cloud data sharing solution, we propose a ciphertext‐policy attribute‐based proxy re‐encryption scheme. In the proposed scheme, we design an efficient fine‐grained revocation mechanism, which enables not only efficient attribute‐level revocation but also efficient policy‐level revocation to achieve backward secrecy and forward secrecy. Moreover, we use a multiauthority key attribute center in the key generation phase to overcome the single‐point performance bottleneck problem and the key escrow problem. By formal security analysis, we illustrate that our proposed scheme achieves confidentiality, secure key distribution, multiple collusions resistance, and policy‐ or attribute‐revocation security. By comprehensive performance and implementation analysis, we illustrate that our proposed scheme improves the practical efficiency of storage, computation cost, and communication cost compared to the other related schemes.     

云存储环境下无密钥托管可撤销属性基加密方案研究

属性基加密因其细粒度访问控制在云存储中得到广泛应用。但原始属性基加密方案存在密钥托管和属性撤销问题。为解决上述问题,该文提出一种密文策略的属性基加密方案。该方案中属性权威与中央控制通过安全两方计算技术构建无密钥托管密钥分发协议解决密钥托管问题。通过更新属性版本密钥的方式达到属性级用户撤销,同时通过中央控制可以实现系统级用户撤销。为减少用户解密过程的计算负担,将解密运算过程中复杂对运算外包给云服务商,提高解密效率。该文基于q-Parallel BDHE假设在随机预言机模型下对方案进行了选择访问结构明文攻击的安全性证明。最后从理论和实验两方面对所提方案的效率与功能性进行了分析。实验结果表明所提方案无密钥托管问题,且具有较高系统效率。     

快速解密的自适应安全KP-ABE方案

已有的自适应安全ABE(attribute-based encryption)方案的解密开销随着解密时用到的属性数量呈线性增长。针对该问题,提出了一种快速解密的自适应安全key-policy ABE(FKP-ABE)方案,在合数阶群上构造,支持任意可以表达为线性秘密分享体制(LSSS, linear secret sharing schemes)的单调访问策略,将解密开销降为常数级,并在标准模型下证明该方案是自适应安全的。     

Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage

To protect the sensitive data outsourced to cloud server, outsourcing data in an encrypted way has become popular nowadays. However, it is not easy to find the corresponding ciphertext efficiently, especially the large ciphertext stored on cloud server. Besides, some data owners do not want those users who attempt to decrypt to know the sensitive access structure of the ciphertext because of some business or private reasons. In addition, the user attributes revocation and key updating are important issues, which affect application of ciphertext‐policy attribute‐based encryption (CP‐ABE) in cloud storage systems. To overcome the previous problems in cloud storage, we present a searchable CP‐ABE with attribute revocation, where access structures are partially hidden so that receivers cannot extract sensitive information from the ciphertext. The security of our scheme can be reduced to the decisional bilinear Diffie–Hellman (DBDH) assumption and decisional linear (DL) assumption. Copyright © 2015 John Wiley & Sons, Ltd.