CN110391901A - A kind of proxy re-encryption method for supporting complex access controlling element to describe - Google Patents
A kind of proxy re-encryption method for supporting complex access controlling element to describe Download PDFInfo
- Publication number
- CN110391901A CN110391901A CN201910602175.2A CN201910602175A CN110391901A CN 110391901 A CN110391901 A CN 110391901A CN 201910602175 A CN201910602175 A CN 201910602175A CN 110391901 A CN110391901 A CN 110391901A
- Authority
- CN
- China
- Prior art keywords
- proxy
- encryption
- ciphertext
- private key
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of proxy re-encryption methods for supporting complex access controlling element to describe, comprising the following steps: system is established;Data creation;Access control element obtains;Proxy re-encrypted private key parameter generates;Ciphertext data after generating description;Ciphertext data acquisition;User carries out the decryption of re-encryption ciphertext.The present invention introduces XML language in proxy re-encryption scheme and carries out unitized description, enhances flexibility and the expansibility of system by the analysis mode of more convenient and quicker;Meanwhile being added in the course of the description and attribute weight is considered, it realizes the further management to complex access controlling element, improves the formation efficiency of re-encrypted private key.
Description
Technical field
The invention belongs to access control descriptions and empowerment management field, especially a kind of support complex access controlling element to retouch
The proxy re-encryption method stated.
Background technique
With the fast development of extensive use and the cloud computing of internet, cloud storage technology is also had become a hot topic of research.Cloud
The most important point is to protect the safety and integrality of cloud data in calculating.A large amount of data are stored in cloud in the form of ciphertext
In, how meet safety and it is efficient under the premise of, completed using access control technology appropriate ciphertext protection and
Communication has important researching value.Meanwhile diversified application prospect will lead to the Continuous Innovation of IT industry.
, there is ciphertext access control technology, pass through designated pin in safety and integrity issue for cloud data
Algorithm and data key are encrypted, and encrypted data are stored in Cloud Server in the form of ciphertext, guarantee cloud
The safety of data.In conventional method, data are encrypted before using cloud service by data owner, are used by control
The key at family carries out rights management.Such as, the mechanism (ABE) point such as the encryption of based role, Identity based encryption, the encryption of attribute base
Not using user role, identity and attribute as decruption key parameter.The mechanism such as ABE by conjunction with access control model, can
Guarantee the validity of delegated strategy to a certain extent, KP-ABE and CP-ABE mechanism can support sophisticated strategies, in fine granularity
Data sharing and access control in terms of have very wide application prospect, be suitable for the unfixed situation of decryption side.Tradition
Access control method rely on the structure of access control tree more, when system lateral magnification, the increase or deletion of every minor node are all
It is once traversed, flexibility is poor.The especially structure of binary tree can for assigning with greater need for rearranging for node
Expansion is low, and the efficiency of system is caused also to be difficult to get a promotion.
Summary of the invention
The purpose of the present invention is to provide a kind of proxy re-encryption methods for supporting complex access controlling element to describe.
Realize the technical solution of the object of the invention are as follows: a kind of proxy re-encryption side for supporting complex access controlling element to describe
Method, this method realize that the system model includes Key Management Center, re-encrypted private key server and agency based on system model
Re-encryption server;Key Management Center is that user generates public private key pair, and re-encrypted private key server is controlled for complex access
The description of element and the generation of re-encrypted private key parameter and key, proxy re-encryption server are used to complete the fortune of proxy re-encryption
It calculates;Method includes the following steps:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption phase based on given parameter k
The public/private key pair parameter of pass;
(2) data creation
Founder submits key pair to generate request to Key Management Center, while providing parameter and carrying out system foundation, key
It is that founder generates public private key pair that algorithm level function calls in administrative center, and data creator adds the progress of data for the first time
It is close, call algorithm level function to generate ciphertext CAAnd it is transferred to proxy re-encryption server;
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and pass through XML language
Say that Unify legislation into file, is used for the generation of proxy re-encrypted private key parameter after parsing;
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to its body attribute collection { sub }
In the element given assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate weight
Encryption key;
(5) the ciphertext data after description are generated
Proxy re-encryption server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation obtains
Shared cryptograph CB;
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request, proxy re-encryption service to proxy re-encryption server
Device provides the shared cryptograph C after proxy re-encryption for it after obtaining the request of userB;
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, call algorithm level function Dec decryption ciphertext to obtain close
Literary data.
Compared with prior art, remarkable advantage of the invention are as follows: (1) user sharing data only need to calculate basis for the first time
Ciphertext relies on thereafter Cloud Server according to the key parameter that the access control element of sharer generates and carries out adding again for data
It is close, mitigate the cloud computing cost of user;(2) the access control element for passing through XML language Unify legislation complexity borrows unitized
Form make the more flexible convenience of access control structure, either transverse direction or vertical expansion system, all will not influence its efficiency;
Meanwhile being concentrated in body attribute and introducing weight as reference value, its corresponding weight is assigned for different body attributes, makes to generate
Key parametric process is more targeted.
Detailed description of the invention
Fig. 1 is system model schematic diagram of the invention.
Fig. 2 is the proxy re-encryption method flow diagram for supporting the description of complex access controlling element.
Fig. 3 is data creation and browsing process figure.
Fig. 4 is access control element description scheme schematic diagram
Fig. 5 is that re-encrypted private key parameter generates schematic diagram.
Specific embodiment
The present invention in view of the problems of the existing technology, by proxy re-encryption (Proxy Re-Encryption, PRE)
Thought is introduced into complex access control, and proposes that the proxy re-encryption side of complex access controlling element description is supported in a kind of cloud
Method.User sharing data only need to calculate basic ciphertext for the first time, rely on Cloud Server thereafter according to the access control of sharer
The key parameter that element processed generates carries out the re-encryption of data, mitigates the cloud computing cost of user;Meanwhile passing through XML language
The access control element of Unify legislation complexity, borrowing unitized form makes the more flexible convenience of access control structure, either
Transverse direction or vertical expansion system, all will not influence its efficiency;Weight is introduced as reference value in addition, concentrating in body attribute,
Its corresponding weight is assigned for different body attributes, keeps generation key parametric process more targeted.
A kind of complex access controlling element based on proxy re-encryption of the invention describes method, and this method is based on system mould
Type is realized, as shown in Figure 1, the system model includes Key Management Center, re-encrypted private key server and proxy re-encryption clothes
Business device;
Key Management Center (KMC): public private key pair is generated for user.
Re-encrypted private key server (REK): description and re-encrypted private key parameter for complex access controlling element and close
The generation of key.
Proxy re-encryption server (Re-Enc): the operation of proxy re-encryption is completed.
Data creator A: accessed data M is created, and the safe handlings such as underlying cryptographic are carried out to it, is taken eventually by cloud
Device progress data of being engaged in are shared, while being managed to the access control of data.
Data sharing user B: access application is proposed to message M, data are obtained by Cloud Server and are decrypted, finally
Realize the acquisition of data or service.
The creation and access of data rely on internet: data owner A and shared user B may be connected to interconnection
Net, so as to interacted with the clouds data server such as REK, Re-Enc and KMC trusted servers, realize data creation and
Access etc..
Data sharer's not unloading and store authorized data privately: sharer carries out passing through network when data access
The acquisition of parameter is carried out, and is decrypted, is saved thereafter and without the local of data, sublicense.
KMC, data owner and data sharing user be it is credible, KMC is responsible for the generation of common parameter and public private key pair, number
It is the founder of basic ciphertext according to the owner;It is credible that access user will not actively reveal association key data .REK, Re-Enc half
Server is responsible for generating re-encrypted private key generates, re-encryption ciphertext generates etc., which adds loyal carry out data ciphertext again
Close implementation, while the possibility for having leakage user data, excavating privacy of user.
As shown in Fig. 2, the method for the present invention key step is as follows:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption phase based on given parameter k
The public/private key pair parameter of pass
(2) data creation
Founder submits key pair to generate request to KMC, while providing parameter and carrying out system foundation, and KMC calls algorithm layer
Surface function is that founder generates public private key pair, and algorithm level function is called in progress first time encryption of the data creator to data
Generate ciphertext CAAnd it is transferred to Re-Enc server
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and pass through XML language
Unify legislation is sayed into file, structure is divided into main body, object and behavior three parts, and main body is for describing user's essential characteristic, visitor
Body is for limiting main element, and behavior is for controlling user's operation;The generation of proxy re-encrypted private key parameter is used for after parsing.
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to its body attribute collection { sub }
In the element given assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate weight
Encryption key.
(5) the ciphertext data after description are generated
Re-Enc server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation is shared
Ciphertext CB。
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request to Re-Enc server, and Re-Enc obtains asking for user
Shared cryptograph C after proxy re-encryption is provided after asking for itB。
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, call algorithm level function Dec decryption ciphertext to obtain close
Literary data.
The corresponding algorithmic function of above method step is as follows:
(1) parameter is established: Setup (k) → prama
Setup (k) → prama chooses the prime number k that length is q, groupFor multiplicative cyclic group, g, U areGeneration
Member, hash function group H1,H2,H3,H4,H5, wherein ZqFor the integer cyclic group of mould q,Indicated mould q both
About residue system set, q are natural number;WithIndicate multiplicative cyclic groupThe generation member power of selection.Open parameter
(2) foundation key generates: KeyGen (param) → (skA,pkA)
KeyGen(param)→(skA,pkA), it choosesThen skA=a, pkA=ga, similarly there is skB=b,
pkB=gb.
(3) it encrypts for the first time: Enc (M, pkA)→CA
User A uses own public key pkAEncrypting plaintext information M choosesThen CA=(c1,c2,c3,c4) wherein,
c1=gr;
c2=gu;
c3=u+rH2(c1,c2);
(4) re-encrypted private key parameter con is generated:
ReKeyParam (XMLfile) → con, access control element are described after obtaining with xml language unity, parse this article
Part obtains List={ sub, obj, act }={ { subi},{objj},{actk}};1≤i,j,k≤n;
For n element in the body attribute collection { sub } in list List, each element corresponds to its weightAnd constructorThen
It choosesCalculate subi=H2(u,H1(List.sub)) Lai Shengcheng proxy re-encrypted private key parameter con=f
(subi)。
(5) proxy re-encrypted private key generates:
It choosesThen Y=gy;
Enable U1=Ucon, then havez2=y-skA·z1;
Therefore it generates by A to B proxy re-encrypted private key
(6) proxy re-encryption:
Encryption agents are to ciphertext CARe-encryption is carried out, generation can be by skBIt is decrypted
Ciphertext CB=(c '1,c'2,c'3,c'4If)It is then calculated as follows, otherwise feedback information integrality is wrong
Accidentally;Wherein,
c′4=c4。
(7) it decrypts:
Dec(skB,CB, con) and → M, the ciphertext after user B decryption re-encryption, acquisition plaintext M.
IfIt is then calculated as follows, otherwise feedback information completeness error;
Sub property set in con has n element, enables
Then to all subi=H2(ui,H1(List.sub)) ∈ S is calculated
Calculate c "1With c "2Value
It calculatesIt then exports in plain text
2 implementations are generated below by the creation of description user data, data access and re-encrypted private key parameter in the process
Example is to illustrate specific steps and algorithm application method.
Embodiment 1
It is creation data user with user A such as Fig. 3 left-hand component.
(1) A carries out system foundation, calls the relevant public/private key pair of algorithm Setup generation system common parameter proxy re-encryption
Parameter;
(2) A submits key pair to generate request to KMC, while providing parameter K and carrying out system foundation, and KMC calls algorithm level
Function KeyGen is that A generates public private key pair (skA,pkA);
(3) progress first time encryption of the A to clear data M calls algorithm level function Enc to generate ciphertext CAAnd it is transferred to
Re-Enc server;
(4) user A is while creating data ciphertext, by the relevant access control policy of data (policy content: user angle
Color B can carry out related access to the sensitive data in Department department before date 2019-12-31) it is sent to
REK so as to the operation such as subsequent data access and proxy re-encryption, and completes data creation.
Embodiment 2
Data access process, such as Fig. 3 right-hand component:
(1) assume that user's B data sharer, B submit re-encryption ciphertext data acquisition request to Re-Enc;
(2) REK obtains the access control element of B, the management for the permission that accesses, if legal data access user,
Then re-encrypted private key is generated for it;
Detailed process:
After getting the access control element of B, unitized description, parsing extraction and additional weight are carried out.
A. unitized description is carried out by complex access controlling element of the XML to B, generates XML file, structure is divided into master
Body, object and behavior three parts, main body is for describing user's essential characteristic such as user name Bob, department Department and role
Manager etc.;Object is for limiting main element, comprising access validity period and access times, as the role of user B is at validity period
Before 2019-12-31;Behavior includes to download, upload, update and delete etc. to operate for controlling user B operation;Such as Fig. 4, if
When the sensitive data of user's B access information department, main element was necessary for the Manager of information departments, and in 2019 12
Just Lawful access can be carried out to the data before the moon 31.
B. main body describes the visible Fig. 5 of details, and this document is parsed into available by the structural reference main body description of object and behavior
In the List for generating proxy re-encrypted private key parameterB, and weight is added to main element;
C. algorithm level function ReKeyParam is called, parameter con is generatedB。
(3) Re-Enc obtains rkA→B, call algorithm level function ReEnc, operation CB, and to B provide proxy re-encryption after
Ciphertext CB;
(4) ciphertext C is obtainedBAfterwards, user B its private key skB, algorithm level function Dec is called to decrypt CB, obtain plaintext number
According to M.
Claims (6)
1. a kind of proxy re-encryption method for supporting complex access controlling element to describe, which is characterized in that this method is based on system
Model realization, the system model include Key Management Center, re-encrypted private key server and proxy re-encryption server;Key
Administrative center is that user generates public private key pair, and re-encrypted private key server is used for the description and re-encryption of complex access controlling element
The generation of key parameter and key, proxy re-encryption server are used to complete the operation of proxy re-encryption;This method includes following
Step:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption relevant based on given parameter k
Public/private key pair parameter;
(2) data creation
Founder submits key pair to generate request to Key Management Center, while providing parameter and carrying out system foundation, key management
It is that founder generates public private key pair that algorithm level function is called at center, and progress first time encryption of the data creator to data is adjusted
Ciphertext C is generated with algorithm level functionAAnd it is transferred to proxy re-encryption server;
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and be united by XML language
One is described in file, and the generation of proxy re-encrypted private key parameter is used for after parsing;
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to giving in its body attribute collection { sub }
Element assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate re-encryption
Key;
(5) the ciphertext data after description are generated
Proxy re-encryption server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation is shared
Ciphertext CB;
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request to proxy re-encryption server, and proxy re-encryption server obtains
It takes and the shared cryptograph C after proxy re-encryption is provided for it after the request at familyB;
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, algorithm level function Dec decryption ciphertext is called to obtain ciphertext number
According to.
2. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that
Public/private key pair parameter generating method are as follows:
Parameter is established: Setup (k) → prama
Setup (k) → prama chooses the prime number k that length is q, groupFor multiplicative cyclic group, g, U areGeneration member, Hash
Group of functions H1,H2,H3,H4,H5, wherein H1:{0,1}*→{0,1}l, H2:H3:H4:H5:ZqFor the integer cyclic group of mould q,Indicate the reduced system of residues set of mould q, q is certainly
So number;WithIndicate multiplicative cyclic groupThe generation member power of selection;Open parameter
3. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that
The detailed process of data creation are as follows:
Foundation key generates: KeyGen (param) → (skA,pkA)
KeyGen(param)→(skA,pkA), a is chosen,Then skA=a, pkA=ga, similarly there is skB=b, pkB=
gb.
It encrypts for the first time: Enc (M, pkA)→CA
User A uses own public key pkAEncrypting plaintext information M chooses r,Then CA=(c1,c2,c3,c4);Wherein,
c1=gr;
c2=gu;
c3=u+rH2(c1,c2);
4. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that
The process that access control element obtains and proxy re-encrypted private key parameter generates are as follows:
Re-encrypted private key parameter con is generated:
ReKeyParam (XMLfile) → con, access control element are described after obtaining with xml language unity, and parsing this document obtains
To List={ sub, obj, act }={ { subi},{objj},{actk}};1≤i,j,k≤n;
For n element in the body attribute collection { sub } in list List, each element corresponds to its weight
And constructorThen
It choosesCalculate subi=H2(u,H1(List.sub)) Lai Shengcheng proxy re-encrypted private key parameter con=f
(subi);
Proxy re-encrypted private key generates:
It choosesThen Y=gy;
Enable U1=Ucon, then havez2=y-skA·z1;
Therefore it generates by A to B proxy re-encrypted private key
5. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that
The production method of ciphertext data are as follows:
Encryption agents are to ciphertext CARe-encryption is carried out, generation can be by skBThe ciphertext decrypted
CB=(c '1,c′2,c′3,c′4);IfIt is then calculated as follows, otherwise feedback information completeness error;Its
In,
c′4=c4。
6. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that
The method of re-encryption ciphertext decryption are as follows:
Dec(skB,CB, con) and → M, the ciphertext after user B decryption re-encryption, acquisition plaintext M.
IfIt is then calculated as follows, otherwise feedback information completeness error;
Sub property set in con has n element, enables
Then to all subi=H2(ui,H1(List.sub)) ∈ S is calculated
Calculate c "1With c "2Value
It calculatesIt then exports in plain text
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910602175.2A CN110391901B (en) | 2019-07-05 | 2019-07-05 | Proxy re-encryption method supporting complex access control element description |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910602175.2A CN110391901B (en) | 2019-07-05 | 2019-07-05 | Proxy re-encryption method supporting complex access control element description |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110391901A true CN110391901A (en) | 2019-10-29 |
CN110391901B CN110391901B (en) | 2021-09-21 |
Family
ID=68286252
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910602175.2A Active CN110391901B (en) | 2019-07-05 | 2019-07-05 | Proxy re-encryption method supporting complex access control element description |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110391901B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115225364A (en) * | 2022-07-15 | 2022-10-21 | 中国科学技术大学 | High-efficiency dynamic access control method and system for cloud-oriented encrypted data |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150067330A1 (en) * | 2012-03-30 | 2015-03-05 | British Telecommunications Public Limited Company | Method and system for network data access |
CN106612175A (en) * | 2016-08-25 | 2017-05-03 | 四川用联信息技术有限公司 | Proxy re-encryption algorithm for multi-element access control in mobile cloud |
CN106789058A (en) * | 2016-12-09 | 2017-05-31 | 南京理工大学 | One kind acts on behalf of re-encryption arthmetic statement and analytic method |
CN108600217A (en) * | 2018-04-23 | 2018-09-28 | 南京理工大学 | A kind of data grant certainty update method of the high in the clouds based on proxy re-encryption |
CN109660555A (en) * | 2019-01-09 | 2019-04-19 | 上海交通大学 | Content safety sharing method and system based on proxy re-encryption |
-
2019
- 2019-07-05 CN CN201910602175.2A patent/CN110391901B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150067330A1 (en) * | 2012-03-30 | 2015-03-05 | British Telecommunications Public Limited Company | Method and system for network data access |
CN106612175A (en) * | 2016-08-25 | 2017-05-03 | 四川用联信息技术有限公司 | Proxy re-encryption algorithm for multi-element access control in mobile cloud |
CN106789058A (en) * | 2016-12-09 | 2017-05-31 | 南京理工大学 | One kind acts on behalf of re-encryption arthmetic statement and analytic method |
CN108600217A (en) * | 2018-04-23 | 2018-09-28 | 南京理工大学 | A kind of data grant certainty update method of the high in the clouds based on proxy re-encryption |
CN109660555A (en) * | 2019-01-09 | 2019-04-19 | 上海交通大学 | Content safety sharing method and system based on proxy re-encryption |
Non-Patent Citations (1)
Title |
---|
苏铓等: "基于代理重加密的云端多要素访问控制方案", 《通信学报》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115225364A (en) * | 2022-07-15 | 2022-10-21 | 中国科学技术大学 | High-efficiency dynamic access control method and system for cloud-oriented encrypted data |
CN115225364B (en) * | 2022-07-15 | 2023-11-17 | 中国科学技术大学 | Efficient dynamic access control method and system for cloud encrypted data |
Also Published As
Publication number | Publication date |
---|---|
CN110391901B (en) | 2021-09-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108600217B (en) | Cloud-based data authorization certainty updating method based on proxy re-encryption | |
US9129095B1 (en) | Client-side encryption with DRM | |
CN104486315B (en) | A kind of revocable key outsourcing decryption method based on contents attribute | |
US9894040B2 (en) | Trust services for securing data in the cloud | |
CN108810004A (en) | More authorization center access control methods, cloud storage system can be revoked based on agency | |
CN108833393A (en) | A kind of revocable data sharing method calculated based on mist | |
Ezhilarasi et al. | A secure data sharing using IDSS CP-ABE in cloud storage | |
Shen et al. | Multi-security-level cloud storage system based on improved proxy re-encryption | |
Pradeep et al. | An efficient framework for sharing a file in a secure manner using asymmetric key distribution management in cloud environment | |
CN108111540A (en) | The hierarchical access control system and method for data sharing are supported in a kind of cloud storage | |
CN106302411A (en) | The secure cloud storage method and system of support file encryption based on windows platform | |
CN106612169A (en) | Safe data sharing method in cloud environment | |
CN103516523A (en) | Data encryption system structure based on cloud storage | |
CN109039614A (en) | A kind of proxy re-encryption method based on optimal ate | |
CN114679340B (en) | File sharing method, system, device and readable storage medium | |
Wise et al. | Cloud docs: secure scalable document sharing on public clouds | |
Pervez et al. | SAPDS: self-healing attribute-based privacy aware data sharing in cloud | |
CN104935588B (en) | A kind of hierarchical encryption management method of safe cloud storage system | |
CN106612175A (en) | Proxy re-encryption algorithm for multi-element access control in mobile cloud | |
CN110391901A (en) | A kind of proxy re-encryption method for supporting complex access controlling element to describe | |
Chinnasamy et al. | Secure and Efficient Data Sharing Scheme in Cloud for Protecting Data in Smart Cities | |
Fan et al. | Secure and private key management scheme in big data networking | |
Charanya et al. | Attribute based encryption for secure sharing of E-health data | |
Chennam et al. | Cloud security in crypt database server using fine grained access control | |
Wang et al. | A CP-ABE access control scheme based on proxy re-encryption in cloud storage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |