CN104901942B - A distributed access control method based on attribute-based encryption - Google Patents

Publication number: CN104901942B
Authority: CN (China)
Prior art keywords: user, attribute, private key, gid, cloud server
Legal status: Active
Application number: CN201510106880.5A
Other languages: Chinese (zh)
Other versions: CN104901942A (en)
Inventors: 肖敏, 王明昕
Current Assignee: Chongqing University of Post and Telecommunications
Original Assignee: Chongqing University of Post and Telecommunications

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Physics & Mathematics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Algebra (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention proposes a distributed access control method based on attribute-based encryption, aimed mainly at the security and privacy protection of massive data in cloud environments. Building on Ciphertext-Policy Attribute-Based Encryption (CP-ABE), it proposes a multi-authority CP-ABE mechanism. The mechanism uses multiple authorities to share the workload of a single authority, achieves efficient outsourced decryption and user revocation, and supports attribute authorities (AAs) joining and leaving dynamically. While protecting the security and privacy of massive data, the access control mechanism provided by the invention also achieves efficient, distributed, scalable and fine-grained access control.

Description

A distributed access control method based on attribute-based encryption
Technical field
The present invention relates to data security within computer science and information security, and in particular to data security and privacy protection in cloud computing environments.
Background technique
With the rapid development of computer technology, the Internet and wireless networks, the massive amount of data generated every day is stored on computers in digital form. Cloud computing provides an effective solution for storing and processing this data. However, when users store their data on a third-party cloud server, the server is not fully trusted, and users typically allow only authorized accessors to access their data. The security and privacy of users' sensitive data therefore face great challenges, for example users' personal preferences and friend circles on social networking sites and personal mail on mail servers. When these servers are attacked by hackers, users' sensitive data will be leaked, and some cloud service providers may even profit by selling users' data.
Access control and data encryption can meet these users' need for data privacy protection. The security and performance of a traditional access control system typically depend on a fully trusted server: users' permissions and data are all assigned and managed by the system administrator, which seriously affects the efficiency of the system when the number of users is huge, and if the server is compromised, users' data will be leaked. Data encryption can effectively protect user data. With a public-key encryption mechanism (such as RSA), the encryptor needs to know the recipient's public key in advance; with a symmetric encryption mechanism (such as AES (Advanced Encryption Standard)), the encryptor needs to distribute the key to the recipient online. In other words, traditional encryption is one-to-one: the encryptor must use a different key for each recipient, so the same file is encrypted repeatedly into different ciphertexts stored on the server, and when the amount of data and the number of users in the system are huge, key management incurs a huge overhead. In many application environments, especially the cloud, the data owner only needs to encrypt the shared data according to an encryption policy, without knowing in advance the identity of the recipients or which users can access the data.
Building a policy-based encryption mechanism on top of traditional encryption is difficult, because when the data owner encrypts data it still needs to know in advance all users who have permission to access the data and then encrypt for that user set; when a newly added user is granted access, the data must be re-encrypted. Traditional encryption also does not support fine-grained access to user data well, so traditional access control systems and encryption mechanisms cannot be applied effectively in a distributed cloud environment.
Therefore, achieving security and privacy protection for massive data on a cloud server that is not fully trusted requires an access control mechanism that is fine-grained, scalable and distributed and that supports one-to-many encryption. Attribute-Based Encryption (ABE) is currently regarded as one of the technologies best suited to solving data security and privacy protection in cloud environments and to realizing fine-grained data access control. ABE has two forms: key-policy ABE (KP-ABE) and ciphertext-policy ABE (CP-ABE). In KP-ABE, each user's key is associated with an access structure and each ciphertext with a set of attributes; in CP-ABE it is the reverse: each user key is associated with a set of attributes and each ciphertext with an access structure. When ABE is applied in a cloud environment, the data owner's data is stored on the cloud server, so CP-ABE has the advantage in letting the data owner control and manage the data.
However, applying CP-ABE in a cloud environment raises some practical problems. For example, in a real system a user's position can change, and the user's permissions change with it. In CP-ABE, a user's permissions correspond one-to-one with attributes, so a change in permissions can be regarded as a change in the user's attributes, that is, the user attribute revocation problem. In addition, the computing power of user terminals is limited, and in CP-ABE decryption time is linear in the number of attributes in the access structure, so a large number of attributes places a heavy computational burden on the user. When designing a CP-ABE mechanism for the cloud, efficient user revocation and efficient decryption are therefore both problems that urgently need solving. Some methods that apply CP-ABE in cloud environments exist, but each has certain defects.
Existing methods can be divided into single-authority CP-ABE, such as Chinese patent documents CN201210389845.5, CN201310132586.2, CN201410055341.9 and CN201410330696.4, and multi-authority CP-ABE, such as CN201310647570.5. In single-authority CP-ABE, attribute management and key distribution are all performed by a single fully trusted attribute authority (AA), which has the ability to decrypt all ciphertexts. If that AA is attacked or goes down, the whole system is affected and user keys may be leaked, so the single AA is both the performance bottleneck and the security weak point of the system. Multi-authority CP-ABE is therefore better suited to cloud environments.
Documents CN201210389845.5, CN201310132586.2 and CN201410330696.4 consider the user revocation problem but not efficient decryption, while CN201410055341.9 proposes an outsourced decryption method on top of CP-ABE that achieves efficient decryption but does not consider user revocation. CN201310647570.5 proposes a multi-authority CP-ABE method for cloud environments that achieves both efficient decryption and user revocation, but when revoking a user it must not only update the private keys of users holding the revoked attribute but also update the ciphertexts whose access structures contain the revoked attribute; given the massive amount of data stored in the cloud, this revocation method incurs a huge overhead.
Summary of the invention
In view of this, to solve the above problems, the invention proposes a distributed access control mechanism that meets the security and privacy protection needs of massive data on cloud servers and is also fine-grained and scalable.
To realize the distributed access control mechanism, the invention designs a multi-authority CP-ABE that supports outsourced decryption and efficient user revocation. In this encryption mechanism, an access structure (based on a set of descriptive attributes) is defined when data is encrypted, so that the ciphertext is associated with the access structure; the generated decryption key is associated with a set of descriptive attributes, and the key correctly decrypts the ciphertext only when its attribute set satisfies the access structure in the ciphertext. When a user's permissions change, the user's key can be revoked and updated. To reduce the user's overhead, most of the work of decrypting ciphertext is delegated to the cloud server. The mechanism uses multiple AAs to distribute attribute keys, which reduces the workload of any single AA and improves the security and robustness of the system.
CP-ABE is built on bilinear groups and relies on the properties of a bilinear map, defined as follows. Let $G_1$ and $G_2$ be two multiplicative cyclic groups of prime order p, and let g be a generator of $G_1$. A bilinear map $e: G_1 \times G_1 \to G_2$ has the following properties:
(1) Bilinearity: for any $u, v \in G_1$ and $a, b \in Z_p$, $e(u^a, v^b) = e(u, v)^{ab}$;
(2) Non-degeneracy: $e(g, g) \neq 1$;
(3) Computability: for any $u, v \in G_1$, $e(u, v)$ can be computed efficiently.
Further, the system model of the invention is shown in Fig. 1. The model consists of five entities: a trusted third-party authentication server (TP), attribute authorities (AA), the data owner, the cloud server and the user. TP is responsible for authenticating and registering users and distributes a global identity (GID), a certificate and a user global private key to each legitimate user. Each AA operates independently and manages the attributes in its own domain; the AAs also distribute attribute keys to registered legitimate users and store users' attribute keys on the cloud server. The data owner encrypts data under the access structure it defines and stores the encrypted data on the cloud server. The cloud server provides storage and access services: when a legitimate user accesses authorized data, the cloud server first retrieves the user's attribute keys, then uses them to decrypt the ciphertext and generate a decryption token (TK), and sends TK and the ciphertext to the user. The user then decrypts the ciphertext with the global private key and TK and finally obtains the requested data.
The distributed access control mechanism based on attribute-based encryption provided by the invention includes the following steps:
S1: system initialization: generate the system public parameters, the public/private key pair of TP and the public/private key pair of each attribute;
S2: data encryption: the data owner encrypts the data and stores it on the cloud server in encrypted form;
S3: user key generation: TP assigns a GID to each legitimate user and issues the user a certificate and a global private key, and the AAs distribute attribute private keys to the user based on the user's permissions;
S4: data access: the user requests data from the server, and the user can decrypt the ciphertext using the global private key and the attribute private keys if and only if the user's attribute set satisfies the access structure in the ciphertext;
S5: user revocation: when a user's permissions change, the user's private keys are updated so that the user rejoins the system under a new identity.
Further, step S1 includes the following steps:
S11: TP initialization: input a security parameter and generate the system public parameters and TP's public/private key pair;
S12: AA initialization.
S12 includes the following steps:
S121: each AA receives the system public parameters and TP's public key from TP;
S122: each AA generates a public/private key pair for each attribute it manages.
Further, step S2 includes the following steps:
S21: the data owner receives the system public parameters from TP and the public key of each attribute from the AAs;
S22: based on the global attribute set U, the data owner defines an access structure A for the data; A is represented by an access matrix (M, ρ), where the function ρ maps each row of matrix M to an attribute x;
S23: choose a random number s from $Z_p$ as the encryption exponent, and let s be the first element of the vector;
S24: it calculatesWherein MiIt is the i-th row of matrix M;
S25: choose random numbers $r_i \in Z_p$;
S26: output the ciphertext CT;
S27: the data owner uploads the ciphertext CT to the cloud server.
Further, step S3 includes the following steps:
S31: the user joins the system and submits identity information to TP to register;
S32: TP authenticates the legitimacy of the user;
S33: if the user is legitimate, TP assigns the user a GID and issues the user a certificate and a global private key, where the certificate contains the user's GID, the user's attribute list and the user's global public key; if the user is not legitimate, the request to join the system is refused;
S34: when the user receives the certificate and global private key sent by TP, the user sends the certificate to each AA it belongs to;
S35: after receiving the certificate, the AA decrypts the certificate using TP's public key and verifies whether the user's GID is in the user revocation list (UL);
S36: if GID ∉ UL, the AA generates attribute private keys for the user based on the user's attribute list; if GID ∈ UL, the AA terminates the operation;
S37: the AA then sends the user's attribute private keys to the cloud server, where they are stored.
Further, step S4 includes the following steps:
S41: the user GID sends a data access request to the cloud server together with its certificate;
S42: the cloud server decrypts the certificate using TP's public key and verifies whether the user's GID is in the user revocation list (UL);
S43: if GID ∉ UL, continue with the following operations; if GID ∈ UL, the cloud server terminates the operation;
S44: the cloud server retrieves the user's attribute private keys;
S45: the cloud server then decrypts the ciphertext using the user's attribute private keys and generates the decryption token TK;
S45 includes the following steps:
S451: let $I = \{i : \rho(i) \in R_A\}$. If, according to the access matrix M, $\{\lambda_i\}_{i \in I}$ is a valid sharing of the encryption exponent s, then there exist recovery coefficients $\{w_i \in Z_p\}_{i \in I}$ from which the encryption exponent can be reconstructed. The cloud server first chooses $\{w_i \in Z_p\}_{i \in I}$;
S452: the cloud server then calculates the decryption token TK;
S46: the cloud server then sends TK and the ciphertext to the user;
S47: finally, the user decrypts the ciphertext using the global private key and TK; if the user's attributes satisfy the access structure in the ciphertext, decryption succeeds; otherwise decryption fails.
Further, step S5 includes the following steps:
S51: when a user's permissions change, the user sends the changed identity information to TP and re-registers with TP;
S52: TP writes the user's original GID into UL and publishes UL;
S53: TP assigns the user a new global identity GID′ and issues the user a new certificate and global private key, where the new certificate contains GID′, the new user attribute list and the new global public key; TP then sends the new global private key and certificate to the user together;
S54: after receiving the new certificate and global private key from TP, the user uses the new certificate to interact again with each AA it belongs to;
S55: after receiving the certificate $ACert_{GID'}$, the AA decrypts it using TP's public key and verifies whether the user's GID′ is in UL;
S56: if GID′ ∉ UL, the AA continues with the following operations; if GID′ ∈ UL, the AA terminates the operation;
S57: as in step S37, the AA generates new attribute private keys for the revoked user based on the user's attribute list;
S58: the AA then sends each of the user's attribute private keys to the cloud server; the cloud server receives the user's attribute private keys from the AAs participating in key distribution and stores them, and at the same time deletes the attribute private keys of the revoked users newly added to UL.
The advantages of the invention are as follows. The invention proposes a multi-authority attribute-based encryption mechanism in which each AA operates independently without affecting the others, and no central authority (CA) is needed. A CA is equivalent to the single AA in single-authority attribute-based encryption: it has the ability to decrypt all ciphertexts in the system and must therefore be fully trusted. The invention uses multiple AAs to share the workload of a single AA, which effectively prevents a CA from becoming the bottleneck and security weak point of the system, improves the robustness of the system, and supports AAs joining and leaving dynamically. The invention also prevents user collusion by assigning each user a global identity GID.
The invention uses key separation to split a user's private key into a user global private key and user attribute private keys; the attribute private keys are stored by the cloud server, and the user only needs to keep the global private key. The four entities other than the data owner therefore all have partial decryption capability, but none of them alone can fully decrypt a ciphertext. To decrypt a ciphertext the user needs the assistance of the cloud server, and decryption is correct if and only if the user's attributes satisfy the access structure in the ciphertext, which strengthens the security of the system to a certain extent. The invention not only protects the security and privacy of massive data in the cloud but also makes full use of the characteristics of cloud computing: most of the decryption workload is delegated to the cloud server, and because the cloud server holds the user's attribute keys it can only partially decrypt the ciphertext, which improves decryption efficiency while preserving the security of the system.
The invention designs a novel user revocation method in which revoking a user is equivalent to updating the user's identity. When a user's permissions change, TP re-registers the user and assigns a new global identity; the revoked user then obtains a new certificate, a new global private key and new attribute private keys, and in effect rejoins the system under a new identity. The revocation method involves only the revoked attributes of the user, and in practice user revocation is not very frequent. The method can therefore be applied efficiently in cloud environments, and it achieves forward security (a revoked user cannot decrypt ciphertexts whose access structure contains the revoked attribute) and backward security (a newly joined user who holds sufficient attributes can decrypt ciphertexts generated before it joined).
Other advantages, objects and features of the invention will be set forth to some extent in the description that follows, and to some extent will be apparent to those skilled in the art upon examination of what follows, or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and obtained by the structure particularly pointed out in the following description, the claims and the drawings.
Description of the drawings
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings, in which:
Fig. 1 is the system model;
In the figure: (1) publish attribute public keys; (2) upload encrypted data; (3) user registration; (4) distribute the global private key and certificate to the user; (5) send attribute key request; (6) distribute attribute keys; (7) send access request; (8) provide decryption token.
Fig. 2 is the flow diagram of the invention;
Fig. 3 is system initialization;
Fig. 4 is data encryption;
Fig. 5 is user key generation;
Fig. 6 is data access;
Fig. 7 is user revocation.
Specific embodiment
A preferred embodiment of the invention is described in detail below with reference to the drawings; it should be understood that the preferred embodiment only illustrates the invention and does not limit its scope of protection.
The distributed access control mechanism based on attribute-based encryption provided by the invention includes the following steps (see Fig. 2):
S1: system initialization: generate the system public parameters, the public/private key pair of TP and the public/private key pair of each attribute, see Fig. 3;
Further, step S1 includes the following steps:
S11: TP initialization: input the security parameter λ and generate the system public parameters and TP's public/private key pair. The system public parameters comprise two bilinear groups $G_1, G_2$ of order p, a generator g of $G_1$ and the bilinear map $e: G_1 \times G_1 \to G_2$; TP's public/private key pair is $(sk_{TP}, pk_{TP})$; let x denote an attribute;
S12: AA initialization;
S12 includes the following steps:
S121: each AA receives the system public parameters $\{g, G_1, G_2, e(g, g)\}$ and TP's public key $pk_{TP}$ from TP;
S122: each AA chooses three random number αxxx∈ZpAs the private key of attribute x, as { αxxx, Then public key is generated for attribute x
S2: data encryption: the data owner encrypts the data and stores it on the cloud server in encrypted form, see Fig. 4;
Further, step S2 includes the following steps:
S21: the data owner receives the system public parameters $\{g, G_1, G_2, e(g, g)\}$ from TP and the public key of each attribute from the AAs;
S22: based on the global attribute set U, the data owner defines an access structure A for the data m; A is represented by an access matrix (M, ρ), where the function ρ maps each row of matrix M to an attribute x;
S23: choose a random number s from $Z_p$ as the encryption exponent, and let s be the first element of the vector;
S24: it calculatesWherein MiIt is the i-th row of matrix M;
S25: choose random numbers $r_i \in Z_p$;
S26: output ciphertext CT is
where $R_A$ denotes the attribute set in access structure A;
S27: the data owner uploads the ciphertext CT to the cloud server.
S3: user key generation: TP assigns a GID to each legitimate user and issues the user a certificate and a global private key, and the AAs distribute attribute private keys to the user based on the user's permissions, see Fig. 5;
Further, step S3 includes the following steps:
S31: the user joins the system and submits identity information to TP to register;
S32: TP authenticates the legitimacy of the user;
S33: if the user is legitimate, TP assigns the user a GID and selects a random number $u_{GID} \in Z_p$ as the user's global private key $UGSK_{GID}$, then generates the user's global public key $UGPK_{GID}$. TP then uses its private key $sk_{TP}$ to generate the certificate $ACert_{GID} = Sign_{sk_{TP}}(GID, AL_{GID}, UGPK_{GID})$, where $AL_{GID}$ denotes the user's attribute list. If the user is not legitimate, the request to join the system is refused. TP sends $UGSK_{GID}$ and the certificate $ACert_{GID}$ to the user together;
S34: when the user receives the certificate and global private key sent by TP, the user sends the certificate to each AA it belongs to;
S35: after receiving the certificate $ACert_{GID}$, the AA decrypts $ACert_{GID}$ using TP's public key $pk_{TP}$ and verifies whether the user's GID is in the user revocation list (UL);
S36: if GID ∉ UL, the AA continues with the following operations; if GID ∈ UL, the AA terminates the operation;
S37: the AA generates attribute private keys for the user based on the user's attribute list
S38: the AA then sends each of the user's attribute private keys to the cloud server; the cloud server receives the user's attribute keys from the participating AAs and stores them. Note that even though the cloud server holds the user's attribute keys, it cannot correctly decrypt the ciphertext.
S4: data access: the user requests data from the server, and the user can decrypt the ciphertext using the global private key and the attribute private keys if and only if the user's attribute set satisfies the access structure in the ciphertext, see Fig. 6;
Further, step S4 includes the following steps:
S41: the user GID sends a data access request to the cloud server together with its certificate $ACert_{GID}$;
S42: the cloud server decrypts the certificate $ACert_{GID}$ using TP's public key $pk_{TP}$ and verifies whether the user's GID is in the user revocation list (UL);
S43: if GID ∉ UL, continue with the following operations; if GID ∈ UL, the cloud server terminates the operation;
S44: the cloud server retrieves the user's attribute private keys $UASK_{GID}$;
S45: the cloud server then decrypts the ciphertext using the user's attribute private keys $UASK_{GID}$ and generates the decryption token TK;
S45 includes the following steps:
S451: let $I = \{i : \rho(i) \in R_A\}$. If, according to the access matrix M, $\{\lambda_i\}_{i \in I}$ is a valid sharing of the encryption exponent s, then there exist recovery coefficients $\{w_i \in Z_p\}_{i \in I}$ from which the encryption exponent can be reconstructed. The cloud server first chooses $\{w_i \in Z_p\}_{i \in I}$;
S452: the cloud server then calculates the decryption token
S46: the cloud server then sends TK and the ciphertext to the user;
S47: finally, the user decrypts the ciphertext using the global private key $UGSK_{GID}$ and TK; if the user's attributes satisfy the access structure in the ciphertext, decryption succeeds and the user obtains the data; otherwise decryption fails.
S5: user revocation: when a user's permissions change, the user's private keys are updated so that the user rejoins the system under a new identity, see Fig. 7.
Further, step S5 includes the following steps:
S51: when a user's permissions change, the user sends the changed identity information to TP and re-registers with TP;
S52: TP writes the user's original GID into UL and publishes UL;
S53: TP assigns the user a new global identity GID′, selects a new random number $u_{GID'} \in Z_p$ as the user's new global private key $UGSK_{GID'}$ and generates the new user global public key. TP then assigns the user a new attribute list $AL_{GID'}$ and uses its private key $sk_{TP}$ to generate the new certificate $ACert_{GID'}$; TP sends $UGSK_{GID'}$ and the certificate $ACert_{GID'}$ to the user together;
S54: after receiving the new certificate $ACert_{GID'}$ and $UGSK_{GID'}$ from TP, the user uses the new certificate to interact again with each AA it belongs to;
S55: after receiving the certificate $ACert_{GID'}$, the AA decrypts $ACert_{GID'}$ using TP's public key $pk_{TP}$ and verifies whether the user's GID′ is in the user revocation list (UL);
S56: if GID′ ∉ UL, the AA continues with the following operations; if GID′ ∈ UL, the AA terminates the operation;
S57: as in step S37, the AA generates new attribute private keys for the revoked user based on the user's attribute list
S58: the AA then sends each of the user's attribute private keys to the cloud server; the cloud server receives the user's attribute private keys from the AAs participating in key distribution and stores them, and at the same time deletes the attribute private keys of the users revoked in UL.
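
The sharing in S23-S24 and the recovery coefficients in S451 form the linear secret-sharing step of the scheme. As an added example (not code from the patent), the sketch below carries that step out directly in $Z_p$ rather than in the exponent of a pairing group, and shows that coefficients exist only for attribute sets that satisfy the access structure. It assumes the standard LSSS relations $\lambda_i = M_i \cdot v$ (with s the first element of v) and $\sum_{i \in I} w_i \lambda_i = s$; the prime, the policy, the matrix and all function names are constructed for illustration.

```python
import secrets

# Constructed prime standing in for the group order p (assumption; the
# patent fixes p through the bilinear group parameters).
P = 2**127 - 1

# Constructed access structure A = (M, rho) for the policy
#   doctor AND (cardiology OR oncology)
# Row i of M is mapped by rho to one attribute.
M = [[1, 1], [0, -1], [0, -1]]
RHO = ["doctor", "cardiology", "oncology"]


def share_exponent(s, matrix, p=P):
    """S23-S24: put s first in a random vector v, return lambda_i = M_i . v."""
    v = [s % p] + [secrets.randbelow(p) for _ in range(len(matrix[0]) - 1)]
    return [sum(m * x for m, x in zip(row, v)) % p for row in matrix]


def recovery_coefficients(matrix, rho, attrs, p=P):
    """S451: find w_i with sum_i w_i * M_i = (1, 0, ..., 0) over held rows.

    Returns {row index: w_i}, or None when the attribute set does not
    satisfy the access structure (the linear system has no solution).
    """
    idx = [i for i, a in enumerate(rho) if a in attrs]  # the index set I
    n = len(matrix[0])
    # One equation per matrix column j: sum_i w_i * M[i][j] = target[j].
    rows = [[matrix[i][j] % p for i in idx] + [1 if j == 0 else 0]
            for j in range(n)]
    pivots, r = [], 0
    for c in range(len(idx)):  # Gauss-Jordan elimination mod p
        if r == n:
            break
        piv = next((k for k in range(r, n) if rows[k][c]), None)
        if piv is None:
            continue
        rows[r], rows[piv] = rows[piv], rows[r]
        inv = pow(rows[r][c], -1, p)
        rows[r] = [x * inv % p for x in rows[r]]
        for k in range(n):
            if k != r and rows[k][c]:
                f = rows[k][c]
                rows[k] = [(x - f * y) % p for x, y in zip(rows[k], rows[r])]
        pivots.append((r, c))
        r += 1
    # A row reading "0 = nonzero" means (1, 0, ..., 0) is outside the span.
    if any(not any(row[:-1]) and row[-1] for row in rows):
        return None
    w = {i: 0 for i in idx}  # free variables stay 0
    for pr, pc in pivots:
        w[idx[pc]] = rows[pr][-1]
    return w


def reconstruct(shares, w, p=P):
    """Recombine sum_i w_i * lambda_i mod p, which equals s for a valid w."""
    return sum(wi * shares[i] for i, wi in w.items()) % p


if __name__ == "__main__":
    s = secrets.randbelow(P)
    lam = share_exponent(s, M)
    for attrs in ({"doctor", "cardiology"}, {"doctor"},
                  {"cardiology", "oncology"}):
        w = recovery_coefficients(M, RHO, attrs)
        ok = w is not None and reconstruct(lam, w) == s
        print(sorted(attrs), "->",
              "recovers s" if ok else "no valid coefficients")
```
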

Claims (5)

1. A distributed access control method based on attribute-based encryption, characterized in that it comprises the following steps:
S1: system initialization: generate the system public parameters, the public/private key pair of the trusted third party TP, and the public/private key pair of each attribute;
S2: data encryption: the data owner encrypts the data and stores it on the cloud server in encrypted form;
S3: user key generation: the trusted third party TP assigns a global identifier GID to a legitimate user and issues the user a certificate and a global private key; the attribute authority AA then issues attribute private keys to the user based on the user's permissions; step S3 comprises the following steps:
S31: the user joins the system and submits identity information to the trusted third party TP for registration;
S32: the trusted third party TP verifies the legitimacy of the user;
S33: if the user is legitimate, TP assigns the user a global identifier GID and issues the user a certificate and a global private key, where the certificate contains the user's global identifier GID, the user's attribute list, and the user's global public key; if the user is not legitimate, the user is refused entry to the system;
S34: on receiving the certificate and global private key sent by the trusted third party TP, the user sends the certificate to each attribute authority AA it is subordinate to;
S35: after receiving the certificate, the attribute authority AA decrypts the certificate with the public key of the trusted third party TP and verifies whether the user's global identifier GID belongs to the user revocation list UL;
S36: if $GID \notin UL$, the attribute authority AA generates attribute private keys for the user based on the user's attribute list; if $GID \in UL$, the attribute authority AA terminates the operation;
S37: the attribute authority AA then sends the user's attribute private keys to the cloud server, where they are stored;
S4: data access: the user requests access to data from the server; the user can decrypt the ciphertext with the global private key and the attribute private keys if and only if the user's attribute set satisfies the access structure in the ciphertext;
S5: user revocation: when the user's permissions change, the user's private keys are updated so that the user rejoins the system under a new identity.
2. The distributed access control method based on attribute-based encryption according to claim 1, characterized in that step S1 comprises the following steps:
S11: trusted third party TP initialization: a security parameter is input, and the system public parameters and the public/private key pair of the trusted third party are generated;
S12: attribute authority AA initialization;
wherein S12 comprises the following steps:
S121: each attribute authority AA receives the system public parameters and the public key of the trusted third party TP from TP;
S122: each attribute authority AA generates a public/private key pair for each attribute it manages.
3. The distributed access control method based on attribute-based encryption according to claim 1, characterized in that step S2 comprises the following steps:
S21: the data owner receives the system public parameters and the public key of each attribute from the trusted third party TP and the attribute authorities AA, respectively;
S22: based on the global attribute set U, the data owner defines an access structure A for the data; A is represented by an access matrix (M, ρ), where the function ρ denotes the mapping between each row of the matrix M and an attribute x;
S23: select a random number s from $Z_p$ as the encryption exponent, and let s be the first element of the vector;
S24: calculate, where $M_i$ is the i-th row of the matrix M;
S25: choose a random number $r_i \in Z_p$;
S26: output the ciphertext CT;
S27: the data owner uploads the ciphertext CT to the cloud server.
4. The distributed access control method based on attribute-based encryption according to claim 1, characterized in that step S4 comprises the following steps:
S41: the user with global identifier GID sends a data access request to the cloud server and sends its certificate to the cloud server;
S42: the cloud server decrypts the certificate with the public key of the trusted third party TP and verifies whether the user's global identifier GID belongs to the user revocation list UL;
S43: if $GID \notin UL$, the cloud server continues with the following operations; if $GID \in UL$, the cloud server terminates the operation;
S44: the cloud server retrieves the user's attribute private keys;
S45: the ciphertext is then decrypted using the user's attribute private keys, and a decryption token TK is generated;
wherein S45 comprises the following steps:
S451: let and $I = \{i : \rho(i) \in R_A\}$; if, according to the access matrix M, $\{\lambda_i\}_{i \in I}$ are valid shares of the encryption exponent s, then there exist recovery coefficients $\{w_i \in Z_p\}_{i \in I}$ with which the encryption exponent can be reconstructed as; the cloud server first chooses $\{w_i \in Z_p\}_{i \in I}$; where $R_A$ denotes the attribute set in the access structure A;
S452: the cloud server then calculates the decryption token TK;
S46: the cloud server then sends TK and the ciphertext to the user;
S47: finally, the user decrypts the ciphertext using the global private key and TK; if the user's attributes satisfy the access structure in the ciphertext, decryption succeeds; otherwise, decryption fails.
5. The distributed access control method based on attribute-based encryption according to claim 1, characterized in that step S5 comprises the following steps:
S51: when the user's permissions change, the user sends its changed identity information to the trusted third party TP and re-registers with the trusted third party TP;
S52: the trusted third party TP writes the user's original global identifier GID into UL and publishes UL;
S53: the trusted third party TP assigns the user a new global identity GID′ and issues the user a new certificate and global private key, where the new certificate contains GID′, the new user attribute list, and the new global public key; the trusted third party TP then issues the user's new global private key and certificate to the user at the same time;
S54: after receiving the new certificate and global private key sent by the trusted third party TP, the user uses the new certificate to interact again with each attribute authority AA it is subordinate to;
S55: after receiving the certificate $ACert_{GID'}$, the attribute authority AA decrypts the certificate with the public key of TP and verifies whether the user's GID′ belongs to UL;
S56: if $GID' \notin UL$, AA continues with the following operations; if $GID' \in UL$, AA terminates the operation;
S57: as in step S37, the attribute authority AA generates new attribute private keys for the revoked user based on the user's attribute list;
S58: the attribute authority AA then sends each of the user's attribute private keys to the cloud server; the cloud server receives the user's attribute private keys from the attribute authorities AA participating in key distribution and stores them; at the same time, the cloud server deletes the attribute private keys of the revoked users newly added to UL.
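The share-and-reconstruct steps of S22–S24 and S451, as an added example that is not part of the patent text. It works directly on values in $Z_p$ rather than in the exponent of a pairing group, and it uses the standard linear secret-sharing relation: recovery coefficients satisfy $\sum_{i \in I} w_i M_i = (1, 0, \dots, 0)$, hence $\sum_{i \in I} w_i \lambda_i = s$. The modulus, the policy matrix for "A AND (B OR C)" and all function names are assumptions made for the example.

```python
import secrets

P = 2**127 - 1  # constructed prime modulus standing in for the group order p

def share(M, s, p=P):
    """S23-S24: v = (s, y2, ..., yn) with random y_j; lambda_i = M_i . v mod p."""
    n = len(M[0])
    v = [s % p] + [secrets.randbelow(p) for _ in range(n - 1)]
    return [sum(a * b for a, b in zip(row, v)) % p for row in M]

def recovery_coeffs(M, I, p=P):
    """S451: find w_i (i in I) with sum_i w_i * M_i = (1,0,...,0) mod p, else None."""
    n = len(M[0])
    # One equation per matrix column; unknowns are the w_i; last entry is the target.
    A = [[M[i][c] % p for i in I] + [1 if c == 0 else 0] for c in range(n)]
    pivots, r = [], 0
    for col in range(len(I)):
        piv = next((k for k in range(r, n) if A[k][col]), None)
        if piv is None:
            continue  # free variable, left at 0
        A[r], A[piv] = A[piv], A[r]
        inv = pow(A[r][col], -1, p)
        A[r] = [x * inv % p for x in A[r]]
        for k in range(n):
            if k != r and A[k][col]:
                f = A[k][col]
                A[k] = [(x - f * y) % p for x, y in zip(A[k], A[r])]
        pivots.append(col)
        r += 1
    if any(row[-1] for row in A[r:]):
        return None  # inconsistent system: the attribute set does not satisfy the policy
    w = {i: 0 for i in I}
    for row_idx, col in enumerate(pivots):
        w[I[col]] = A[row_idx][-1]
    return w

def reconstruct(shares, w, p=P):
    """Recombine the shares selected by w into the encryption exponent s."""
    return sum(w[i] * shares[i] for i in w) % p

# Constructed access matrix (M, rho) for the policy: A AND (B OR C)
M = [[1, 1], [0, -1], [0, -1]]
RHO = {0: "A", 1: "B", 2: "C"}  # rho: row index -> attribute

def rows_for(attrs):
    """I = {i : rho(i) in the user's attribute set}."""
    return [i for i, a in RHO.items() if a in attrs]

if __name__ == "__main__":
    s = secrets.randbelow(P)
    lam = share(M, s)
    for attrs in ({"A", "B"}, {"B", "C"}):
        w = recovery_coeffs(M, rows_for(attrs))
        print(sorted(attrs), "satisfies policy:", w is not None and reconstruct(lam, w) == s)
```

A `None` result corresponds to the "decryption fails" branch of S47: no linear combination of the user's rows reaches $(1, 0, \dots, 0)$, so the shares reveal nothing about $s$.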
CN201510106880.5A 2015-03-10 2015-03-10 A kind of distributed access control method based on encryption attribute Active CN104901942B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510106880.5A CN104901942B (en) 2015-03-10 2015-03-10 A kind of distributed access control method based on encryption attribute

Publications (2)

Publication Number Publication Date
CN104901942A CN104901942A (en) 2015-09-09
CN104901942B true CN104901942B (en) 2019-03-12

Family

ID=54034340

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510106880.5A Active CN104901942B (en) 2015-03-10 2015-03-10 A kind of distributed access control method based on encryption attribute

Country Status (1)

Country Link
CN (1) CN104901942B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant