| 面向云存储的安全密文访问控制方案 |
| |
| 引用本文: | 陈燕俐,杨庚,陈军军,杜英杰.面向云存储的安全密文访问控制方案[J].南京邮电学院学报(自然科学版),2013(5):49-55,62. |
| |
| 作者姓名: | 陈燕俐 杨庚 陈军军 杜英杰 |
| |
| 作者单位: | 南京邮电大学计算机学院,江苏南京210023 |
| |
| 基金项目: | 国家重点基础研究发展计划(973计划)(2011CB302903)、国家自然科学基金(61272084)和江苏省自然科学基金(BK2009426)资助项目 |
| |
| 摘 要: | 存储在云端服务器中的敏感数据的保密和安全访问是云存储安全研究的重要内容.针对真实的云存储环境中云服务提供商不可信的情况,采用基于属性的加密算法,提出了一种安全、高效、细粒度的云存储密文访问控制方案.与现有方案相比,该方案在用户撤销时,通过引入广播加密技术,使得撤销用户即使和云服务提供商共谋,也不能对私钥进行更新,保证了数据的安全性;方案将大部分密文重加密和用户私钥更新工作转移给云服务提供商执行,在保证安全性的前提下,降低了数据属主的计算代价;另外该方案还可支持多用户的同时撤销.最后分析了方案的安全性和计算复杂性,并测试了用户撤销时的运行效率.
|
| 关 键 词: | 云存储 密文访问控制 基于属性的加密 重加密 广播加密 |
A Secure and Fine-grained Cryptographic-based Access Control Scheme for Cloud Storage |
| |
| Affiliation: | CHEN Yan-li,YANG Geng,CHEN Jun-jun,DU Yin-jie( 1.School of Computer Science & Technology, Nanjing University of Posts and Telecommunications, Nanjing 210023, China;) |
| |
| Abstract: | Keeping secret and access control for the stored sensitive data play a key role in the field of cloud storage security.Combat the problem of the untrusted cloud service providers (CSP),this paper presents a secure,efficient and fine-grained access control scheme using the attribute-based encryption (ABE).Compared with the current solutions,the revoked users in our cheme could not update their secret keys any more even conspiracy with CSP,which protects the data security.This solution transfers most of computing overwork involved in re-encryption and secret key updating to CSP,which greatly reduces the computing cost of the data owners (DO) while keeping the security.Additionally,our scheme might support the simultaneous revoking from multi-users.Finally we analyze the performance of the proposed scheme,and test the computing complexity in the scenario of user revoking operations. |
| |
| Keywords: | cloud stroage cryptographic access control attribute-based encryption (ABE) re-encryption broadcasting encryption |
| 本文献已被 维普 等数据库收录! |
|
