| DACPCC:一种包含访问权限的云计算数据访问控制方案 |
| |
| 引用本文: | 王于丁,杨家海.DACPCC:一种包含访问权限的云计算数据访问控制方案[J].电子学报,2018,46(1):236-244. |
| |
| 作者姓名: | 王于丁 杨家海 |
| |
| 作者单位: | 清华大学网络科学与网络空间研究院, 北京 100084 |
| |
| 摘 要: | 目前云计算访问控制技术最常用的加密体系是CP-ABE,但传统的CP-ABE加密体系中没有涉及用户的访问权限问题,数据提供者只能让用户去读取数据而不能写数据,访问控制机制不灵活,且效率低.针对这一不足,本文提出了一种包含访问权限的高效云计算访问控制方案DACPCC,该方案在CP-ABE基础上设置了权限控制密钥来加密云中的数据,数据提供者通过对权限控制密钥的选择来控制数据的访问权限.文章对DACPCC进行了详细的设计,并做了安全性证明和实验验证,结果表明DACPCC能够让数据提供者对其数据资源进行权限控制,并且是安全和高效的.
|
| 关 键 词: | 云计算 访问控制 属性基加密 访问权限 属性撤销 |
| 收稿时间: | 2016-08-30 |
DACPCC:A Data Access Control Scheme with Access Permission for Cloud Computing |
| |
| WANG Yu-ding,YANG Jia-hai.DACPCC:A Data Access Control Scheme with Access Permission for Cloud Computing[J].Acta Electronica Sinica,2018,46(1):236-244. |
| |
| Authors: | WANG Yu-ding YANG Jia-hai |
| |
| Affiliation: | Institute for Network Sciences and Cyberspace, Tsinghua University, Beijing 100084, China |
| |
| Abstract: | Currently,the most common encryption scheme of cloud computing access control system is CP-ABE,but the conventional CP-ABE encryption did not deal with the issue of user's access permission; data owners only allow the users to read the data but not to write,such kind of coarse access control mechanism is not flexible and low efficiency.To deal with this issue,the paper proposes a Data Access Control scheme with access Permission for Cloud Computing (DACPCC),it sets permission control keys to encrypt the data in cloud based on CP-ABE; the data owner controls the data's access permission by choosing the permission control keys.The paper illustrates the design details of the proposed scheme,then theoretically proves the security and evaluates the performance through simulated experiments; the results show that DACPCC allows the data owners to control the access permission of the data,and it is safe and more efficient. |
| |
| Keywords: | cloud computing access control CP-ABE access permission attribute revocation |
|
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载全文 |
