CN110391901A - A kind of proxy re-encryption method for supporting complex access controlling element to describe - Google Patents

A kind of proxy re-encryption method for supporting complex access controlling element to describe Download PDF

Info

Publication number
CN110391901A
CN110391901A CN201910602175.2A CN201910602175A CN110391901A CN 110391901 A CN110391901 A CN 110391901A CN 201910602175 A CN201910602175 A CN 201910602175A CN 110391901 A CN110391901 A CN 110391901A
Authority
CN
China
Prior art keywords
proxy
encryption
ciphertext
private key
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910602175.2A
Other languages
Chinese (zh)
Other versions
CN110391901B (en
Inventor
苏铓
连政
汪良辰
付安民
俞研
赵银艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Tech University
Original Assignee
Nanjing Tech University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Tech University filed Critical Nanjing Tech University
Priority to CN201910602175.2A priority Critical patent/CN110391901B/en
Publication of CN110391901A publication Critical patent/CN110391901A/en
Application granted granted Critical
Publication of CN110391901B publication Critical patent/CN110391901B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of proxy re-encryption methods for supporting complex access controlling element to describe, comprising the following steps: system is established;Data creation;Access control element obtains;Proxy re-encrypted private key parameter generates;Ciphertext data after generating description;Ciphertext data acquisition;User carries out the decryption of re-encryption ciphertext.The present invention introduces XML language in proxy re-encryption scheme and carries out unitized description, enhances flexibility and the expansibility of system by the analysis mode of more convenient and quicker;Meanwhile being added in the course of the description and attribute weight is considered, it realizes the further management to complex access controlling element, improves the formation efficiency of re-encrypted private key.

Description

A kind of proxy re-encryption method for supporting complex access controlling element to describe
Technical field
The invention belongs to access control descriptions and empowerment management field, especially a kind of support complex access controlling element to retouch The proxy re-encryption method stated.
Background technique
With the fast development of extensive use and the cloud computing of internet, cloud storage technology is also had become a hot topic of research.Cloud The most important point is to protect the safety and integrality of cloud data in calculating.A large amount of data are stored in cloud in the form of ciphertext In, how meet safety and it is efficient under the premise of, completed using access control technology appropriate ciphertext protection and Communication has important researching value.Meanwhile diversified application prospect will lead to the Continuous Innovation of IT industry.
, there is ciphertext access control technology, pass through designated pin in safety and integrity issue for cloud data Algorithm and data key are encrypted, and encrypted data are stored in Cloud Server in the form of ciphertext, guarantee cloud The safety of data.In conventional method, data are encrypted before using cloud service by data owner, are used by control The key at family carries out rights management.Such as, the mechanism (ABE) point such as the encryption of based role, Identity based encryption, the encryption of attribute base Not using user role, identity and attribute as decruption key parameter.The mechanism such as ABE by conjunction with access control model, can Guarantee the validity of delegated strategy to a certain extent, KP-ABE and CP-ABE mechanism can support sophisticated strategies, in fine granularity Data sharing and access control in terms of have very wide application prospect, be suitable for the unfixed situation of decryption side.Tradition Access control method rely on the structure of access control tree more, when system lateral magnification, the increase or deletion of every minor node are all It is once traversed, flexibility is poor.The especially structure of binary tree can for assigning with greater need for rearranging for node Expansion is low, and the efficiency of system is caused also to be difficult to get a promotion.
Summary of the invention
The purpose of the present invention is to provide a kind of proxy re-encryption methods for supporting complex access controlling element to describe.
Realize the technical solution of the object of the invention are as follows: a kind of proxy re-encryption side for supporting complex access controlling element to describe Method, this method realize that the system model includes Key Management Center, re-encrypted private key server and agency based on system model Re-encryption server;Key Management Center is that user generates public private key pair, and re-encrypted private key server is controlled for complex access The description of element and the generation of re-encrypted private key parameter and key, proxy re-encryption server are used to complete the fortune of proxy re-encryption It calculates;Method includes the following steps:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption phase based on given parameter k The public/private key pair parameter of pass;
(2) data creation
Founder submits key pair to generate request to Key Management Center, while providing parameter and carrying out system foundation, key It is that founder generates public private key pair that algorithm level function calls in administrative center, and data creator adds the progress of data for the first time It is close, call algorithm level function to generate ciphertext CAAnd it is transferred to proxy re-encryption server;
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and pass through XML language Say that Unify legislation into file, is used for the generation of proxy re-encrypted private key parameter after parsing;
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to its body attribute collection { sub } In the element given assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate weight Encryption key;
(5) the ciphertext data after description are generated
Proxy re-encryption server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation obtains Shared cryptograph CB
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request, proxy re-encryption service to proxy re-encryption server Device provides the shared cryptograph C after proxy re-encryption for it after obtaining the request of userB
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, call algorithm level function Dec decryption ciphertext to obtain close Literary data.
Compared with prior art, remarkable advantage of the invention are as follows: (1) user sharing data only need to calculate basis for the first time Ciphertext relies on thereafter Cloud Server according to the key parameter that the access control element of sharer generates and carries out adding again for data It is close, mitigate the cloud computing cost of user;(2) the access control element for passing through XML language Unify legislation complexity borrows unitized Form make the more flexible convenience of access control structure, either transverse direction or vertical expansion system, all will not influence its efficiency; Meanwhile being concentrated in body attribute and introducing weight as reference value, its corresponding weight is assigned for different body attributes, makes to generate Key parametric process is more targeted.
Detailed description of the invention
Fig. 1 is system model schematic diagram of the invention.
Fig. 2 is the proxy re-encryption method flow diagram for supporting the description of complex access controlling element.
Fig. 3 is data creation and browsing process figure.
Fig. 4 is access control element description scheme schematic diagram
Fig. 5 is that re-encrypted private key parameter generates schematic diagram.
Specific embodiment
The present invention in view of the problems of the existing technology, by proxy re-encryption (Proxy Re-Encryption, PRE) Thought is introduced into complex access control, and proposes that the proxy re-encryption side of complex access controlling element description is supported in a kind of cloud Method.User sharing data only need to calculate basic ciphertext for the first time, rely on Cloud Server thereafter according to the access control of sharer The key parameter that element processed generates carries out the re-encryption of data, mitigates the cloud computing cost of user;Meanwhile passing through XML language The access control element of Unify legislation complexity, borrowing unitized form makes the more flexible convenience of access control structure, either Transverse direction or vertical expansion system, all will not influence its efficiency;Weight is introduced as reference value in addition, concentrating in body attribute, Its corresponding weight is assigned for different body attributes, keeps generation key parametric process more targeted.
A kind of complex access controlling element based on proxy re-encryption of the invention describes method, and this method is based on system mould Type is realized, as shown in Figure 1, the system model includes Key Management Center, re-encrypted private key server and proxy re-encryption clothes Business device;
Key Management Center (KMC): public private key pair is generated for user.
Re-encrypted private key server (REK): description and re-encrypted private key parameter for complex access controlling element and close The generation of key.
Proxy re-encryption server (Re-Enc): the operation of proxy re-encryption is completed.
Data creator A: accessed data M is created, and the safe handlings such as underlying cryptographic are carried out to it, is taken eventually by cloud Device progress data of being engaged in are shared, while being managed to the access control of data.
Data sharing user B: access application is proposed to message M, data are obtained by Cloud Server and are decrypted, finally Realize the acquisition of data or service.
The creation and access of data rely on internet: data owner A and shared user B may be connected to interconnection Net, so as to interacted with the clouds data server such as REK, Re-Enc and KMC trusted servers, realize data creation and Access etc..
Data sharer's not unloading and store authorized data privately: sharer carries out passing through network when data access The acquisition of parameter is carried out, and is decrypted, is saved thereafter and without the local of data, sublicense.
KMC, data owner and data sharing user be it is credible, KMC is responsible for the generation of common parameter and public private key pair, number It is the founder of basic ciphertext according to the owner;It is credible that access user will not actively reveal association key data .REK, Re-Enc half Server is responsible for generating re-encrypted private key generates, re-encryption ciphertext generates etc., which adds loyal carry out data ciphertext again Close implementation, while the possibility for having leakage user data, excavating privacy of user.
As shown in Fig. 2, the method for the present invention key step is as follows:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption phase based on given parameter k The public/private key pair parameter of pass
(2) data creation
Founder submits key pair to generate request to KMC, while providing parameter and carrying out system foundation, and KMC calls algorithm layer Surface function is that founder generates public private key pair, and algorithm level function is called in progress first time encryption of the data creator to data Generate ciphertext CAAnd it is transferred to Re-Enc server
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and pass through XML language Unify legislation is sayed into file, structure is divided into main body, object and behavior three parts, and main body is for describing user's essential characteristic, visitor Body is for limiting main element, and behavior is for controlling user's operation;The generation of proxy re-encrypted private key parameter is used for after parsing.
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to its body attribute collection { sub } In the element given assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate weight Encryption key.
(5) the ciphertext data after description are generated
Re-Enc server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation is shared Ciphertext CB
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request to Re-Enc server, and Re-Enc obtains asking for user Shared cryptograph C after proxy re-encryption is provided after asking for itB
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, call algorithm level function Dec decryption ciphertext to obtain close Literary data.
The corresponding algorithmic function of above method step is as follows:
(1) parameter is established: Setup (k) → prama
Setup (k) → prama chooses the prime number k that length is q, groupFor multiplicative cyclic group, g, U areGeneration Member, hash function group H1,H2,H3,H4,H5, wherein ZqFor the integer cyclic group of mould q,Indicated mould q both About residue system set, q are natural number;WithIndicate multiplicative cyclic groupThe generation member power of selection.Open parameter
(2) foundation key generates: KeyGen (param) → (skA,pkA)
KeyGen(param)→(skA,pkA), it choosesThen skA=a, pkA=ga, similarly there is skB=b, pkB=gb.
(3) it encrypts for the first time: Enc (M, pkA)→CA
User A uses own public key pkAEncrypting plaintext information M choosesThen CA=(c1,c2,c3,c4) wherein,
c1=gr
c2=gu
c3=u+rH2(c1,c2);
(4) re-encrypted private key parameter con is generated:
ReKeyParam (XMLfile) → con, access control element are described after obtaining with xml language unity, parse this article Part obtains List={ sub, obj, act }={ { subi},{objj},{actk}};1≤i,j,k≤n;
For n element in the body attribute collection { sub } in list List, each element corresponds to its weightAnd constructorThen
It choosesCalculate subi=H2(u,H1(List.sub)) Lai Shengcheng proxy re-encrypted private key parameter con=f (subi)。
(5) proxy re-encrypted private key generates:
It choosesThen Y=gy
Enable U1=Ucon, then havez2=y-skA·z1
Therefore it generates by A to B proxy re-encrypted private key
(6) proxy re-encryption:
Encryption agents are to ciphertext CARe-encryption is carried out, generation can be by skBIt is decrypted Ciphertext CB=(c '1,c'2,c'3,c'4If)It is then calculated as follows, otherwise feedback information integrality is wrong Accidentally;Wherein,
c′4=c4
(7) it decrypts:
Dec(skB,CB, con) and → M, the ciphertext after user B decryption re-encryption, acquisition plaintext M.
IfIt is then calculated as follows, otherwise feedback information completeness error;
Sub property set in con has n element, enables
Then to all subi=H2(ui,H1(List.sub)) ∈ S is calculated
Calculate c "1With c "2Value
It calculatesIt then exports in plain text
2 implementations are generated below by the creation of description user data, data access and re-encrypted private key parameter in the process Example is to illustrate specific steps and algorithm application method.
Embodiment 1
It is creation data user with user A such as Fig. 3 left-hand component.
(1) A carries out system foundation, calls the relevant public/private key pair of algorithm Setup generation system common parameter proxy re-encryption Parameter;
(2) A submits key pair to generate request to KMC, while providing parameter K and carrying out system foundation, and KMC calls algorithm level Function KeyGen is that A generates public private key pair (skA,pkA);
(3) progress first time encryption of the A to clear data M calls algorithm level function Enc to generate ciphertext CAAnd it is transferred to Re-Enc server;
(4) user A is while creating data ciphertext, by the relevant access control policy of data (policy content: user angle Color B can carry out related access to the sensitive data in Department department before date 2019-12-31) it is sent to REK so as to the operation such as subsequent data access and proxy re-encryption, and completes data creation.
Embodiment 2
Data access process, such as Fig. 3 right-hand component:
(1) assume that user's B data sharer, B submit re-encryption ciphertext data acquisition request to Re-Enc;
(2) REK obtains the access control element of B, the management for the permission that accesses, if legal data access user, Then re-encrypted private key is generated for it;
Detailed process:
After getting the access control element of B, unitized description, parsing extraction and additional weight are carried out.
A. unitized description is carried out by complex access controlling element of the XML to B, generates XML file, structure is divided into master Body, object and behavior three parts, main body is for describing user's essential characteristic such as user name Bob, department Department and role Manager etc.;Object is for limiting main element, comprising access validity period and access times, as the role of user B is at validity period Before 2019-12-31;Behavior includes to download, upload, update and delete etc. to operate for controlling user B operation;Such as Fig. 4, if When the sensitive data of user's B access information department, main element was necessary for the Manager of information departments, and in 2019 12 Just Lawful access can be carried out to the data before the moon 31.
B. main body describes the visible Fig. 5 of details, and this document is parsed into available by the structural reference main body description of object and behavior In the List for generating proxy re-encrypted private key parameterB, and weight is added to main element;
C. algorithm level function ReKeyParam is called, parameter con is generatedB
(3) Re-Enc obtains rkA→B, call algorithm level function ReEnc, operation CB, and to B provide proxy re-encryption after Ciphertext CB
(4) ciphertext C is obtainedBAfterwards, user B its private key skB, algorithm level function Dec is called to decrypt CB, obtain plaintext number According to M.

Claims (6)

1. a kind of proxy re-encryption method for supporting complex access controlling element to describe, which is characterized in that this method is based on system Model realization, the system model include Key Management Center, re-encrypted private key server and proxy re-encryption server;Key Administrative center is that user generates public private key pair, and re-encrypted private key server is used for the description and re-encryption of complex access controlling element The generation of key parameter and key, proxy re-encryption server are used to complete the operation of proxy re-encryption;This method includes following Step:
(1) system is established
System initialization calls algorithm Setup generation system common parameter proxy re-encryption relevant based on given parameter k Public/private key pair parameter;
(2) data creation
Founder submits key pair to generate request to Key Management Center, while providing parameter and carrying out system foundation, key management It is that founder generates public private key pair that algorithm level function is called at center, and progress first time encryption of the data creator to data is adjusted Ciphertext C is generated with algorithm level functionAAnd it is transferred to proxy re-encryption server;
(3) access control element obtains
For data sharing user when accessing ciphertext data, system will acquire its related access control element, and be united by XML language One is described in file, and the generation of proxy re-encrypted private key parameter is used for after parsing;
(4) proxy re-encrypted private key parameter generates
System analysis XML file generates relevant access control element to List, and to giving in its body attribute collection { sub } Element assign weight, to generate access control condition parameter con, algorithm level function ReKeyGen is called to generate re-encryption Key;
(5) the ciphertext data after description are generated
Proxy re-encryption server obtains re-encrypted private key and ciphertext CA, algorithm level function ReEnc is called, operation is shared Ciphertext CB
(6) ciphertext data acquisition
Data sharer submits re-encryption ciphertext data acquisition request to proxy re-encryption server, and proxy re-encryption server obtains It takes and the shared cryptograph C after proxy re-encryption is provided for it after the request at familyB
(7) user carries out the decryption of re-encryption ciphertext
Legitimate user is with the ciphertext C after own private key and descriptionB, algorithm level function Dec decryption ciphertext is called to obtain ciphertext number According to.
2. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that Public/private key pair parameter generating method are as follows:
Parameter is established: Setup (k) → prama
Setup (k) → prama chooses the prime number k that length is q, groupFor multiplicative cyclic group, g, U areGeneration member, Hash Group of functions H1,H2,H3,H4,H5, wherein H1:{0,1}*→{0,1}l, H2:H3:H4:H5:ZqFor the integer cyclic group of mould q,Indicate the reduced system of residues set of mould q, q is certainly So number;WithIndicate multiplicative cyclic groupThe generation member power of selection;Open parameter
3. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that The detailed process of data creation are as follows:
Foundation key generates: KeyGen (param) → (skA,pkA)
KeyGen(param)→(skA,pkA), a is chosen,Then skA=a, pkA=ga, similarly there is skB=b, pkB= gb.
It encrypts for the first time: Enc (M, pkA)→CA
User A uses own public key pkAEncrypting plaintext information M chooses r,Then CA=(c1,c2,c3,c4);Wherein,
c1=gr
c2=gu
c3=u+rH2(c1,c2);
4. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that The process that access control element obtains and proxy re-encrypted private key parameter generates are as follows:
Re-encrypted private key parameter con is generated:
ReKeyParam (XMLfile) → con, access control element are described after obtaining with xml language unity, and parsing this document obtains To List={ sub, obj, act }={ { subi},{objj},{actk}};1≤i,j,k≤n;
For n element in the body attribute collection { sub } in list List, each element corresponds to its weight And constructorThen
It choosesCalculate subi=H2(u,H1(List.sub)) Lai Shengcheng proxy re-encrypted private key parameter con=f (subi);
Proxy re-encrypted private key generates:
It choosesThen Y=gy
Enable U1=Ucon, then havez2=y-skA·z1
Therefore it generates by A to B proxy re-encrypted private key
5. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that The production method of ciphertext data are as follows:
Encryption agents are to ciphertext CARe-encryption is carried out, generation can be by skBThe ciphertext decrypted CB=(c '1,c′2,c′3,c′4);IfIt is then calculated as follows, otherwise feedback information completeness error;Its In,
c′4=c4
6. the proxy re-encryption method according to claim 1 for supporting the description of complex access controlling element, which is characterized in that The method of re-encryption ciphertext decryption are as follows:
Dec(skB,CB, con) and → M, the ciphertext after user B decryption re-encryption, acquisition plaintext M.
IfIt is then calculated as follows, otherwise feedback information completeness error;
Sub property set in con has n element, enables
Then to all subi=H2(ui,H1(List.sub)) ∈ S is calculated
Calculate c "1With c "2Value
It calculatesIt then exports in plain text
CN201910602175.2A 2019-07-05 2019-07-05 Proxy re-encryption method supporting complex access control element description Active CN110391901B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910602175.2A CN110391901B (en) 2019-07-05 2019-07-05 Proxy re-encryption method supporting complex access control element description

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910602175.2A CN110391901B (en) 2019-07-05 2019-07-05 Proxy re-encryption method supporting complex access control element description

Publications (2)

Publication Number Publication Date
CN110391901A true CN110391901A (en) 2019-10-29
CN110391901B CN110391901B (en) 2021-09-21

Family

ID=68286252

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910602175.2A Active CN110391901B (en) 2019-07-05 2019-07-05 Proxy re-encryption method supporting complex access control element description

Country Status (1)

Country Link
CN (1) CN110391901B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115225364A (en) * 2022-07-15 2022-10-21 中国科学技术大学 High-efficiency dynamic access control method and system for cloud-oriented encrypted data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150067330A1 (en) * 2012-03-30 2015-03-05 British Telecommunications Public Limited Company Method and system for network data access
CN106612175A (en) * 2016-08-25 2017-05-03 四川用联信息技术有限公司 Proxy re-encryption algorithm for multi-element access control in mobile cloud
CN106789058A (en) * 2016-12-09 2017-05-31 南京理工大学 One kind acts on behalf of re-encryption arthmetic statement and analytic method
CN108600217A (en) * 2018-04-23 2018-09-28 南京理工大学 A kind of data grant certainty update method of the high in the clouds based on proxy re-encryption
CN109660555A (en) * 2019-01-09 2019-04-19 上海交通大学 Content safety sharing method and system based on proxy re-encryption

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150067330A1 (en) * 2012-03-30 2015-03-05 British Telecommunications Public Limited Company Method and system for network data access
CN106612175A (en) * 2016-08-25 2017-05-03 四川用联信息技术有限公司 Proxy re-encryption algorithm for multi-element access control in mobile cloud
CN106789058A (en) * 2016-12-09 2017-05-31 南京理工大学 One kind acts on behalf of re-encryption arthmetic statement and analytic method
CN108600217A (en) * 2018-04-23 2018-09-28 南京理工大学 A kind of data grant certainty update method of the high in the clouds based on proxy re-encryption
CN109660555A (en) * 2019-01-09 2019-04-19 上海交通大学 Content safety sharing method and system based on proxy re-encryption

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
苏铓等: "基于代理重加密的云端多要素访问控制方案", 《通信学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115225364A (en) * 2022-07-15 2022-10-21 中国科学技术大学 High-efficiency dynamic access control method and system for cloud-oriented encrypted data
CN115225364B (en) * 2022-07-15 2023-11-17 中国科学技术大学 Efficient dynamic access control method and system for cloud encrypted data

Also Published As

Publication number Publication date
CN110391901B (en) 2021-09-21

Similar Documents

Publication Publication Date Title
CN108600217B (en) Cloud-based data authorization certainty updating method based on proxy re-encryption
US9129095B1 (en) Client-side encryption with DRM
CN104486315B (en) A kind of revocable key outsourcing decryption method based on contents attribute
US9894040B2 (en) Trust services for securing data in the cloud
CN108810004A (en) More authorization center access control methods, cloud storage system can be revoked based on agency
CN108833393A (en) A kind of revocable data sharing method calculated based on mist
Ezhilarasi et al. A secure data sharing using IDSS CP-ABE in cloud storage
Shen et al. Multi-security-level cloud storage system based on improved proxy re-encryption
Pradeep et al. An efficient framework for sharing a file in a secure manner using asymmetric key distribution management in cloud environment
CN108111540A (en) The hierarchical access control system and method for data sharing are supported in a kind of cloud storage
CN106302411A (en) The secure cloud storage method and system of support file encryption based on windows platform
CN106612169A (en) Safe data sharing method in cloud environment
CN103516523A (en) Data encryption system structure based on cloud storage
CN109039614A (en) A kind of proxy re-encryption method based on optimal ate
CN114679340B (en) File sharing method, system, device and readable storage medium
Wise et al. Cloud docs: secure scalable document sharing on public clouds
Pervez et al. SAPDS: self-healing attribute-based privacy aware data sharing in cloud
CN104935588B (en) A kind of hierarchical encryption management method of safe cloud storage system
CN106612175A (en) Proxy re-encryption algorithm for multi-element access control in mobile cloud
CN110391901A (en) A kind of proxy re-encryption method for supporting complex access controlling element to describe
Chinnasamy et al. Secure and Efficient Data Sharing Scheme in Cloud for Protecting Data in Smart Cities
Fan et al. Secure and private key management scheme in big data networking
Charanya et al. Attribute based encryption for secure sharing of E-health data
Chennam et al. Cloud security in crypt database server using fine grained access control
Wang et al. A CP-ABE access control scheme based on proxy re-encryption in cloud storage

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant