CN112087422A - Outsourcing access control method based on attribute encryption in edge calculation - Google Patents
Outsourcing access control method based on attribute encryption in edge calculation Download PDFInfo
- Publication number
- CN112087422A CN112087422A CN202010738981.5A CN202010738981A CN112087422A CN 112087422 A CN112087422 A CN 112087422A CN 202010738981 A CN202010738981 A CN 202010738981A CN 112087422 A CN112087422 A CN 112087422A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- key
- encryption
- data
- outsourcing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an outsourcing access control method based on attribute encryption in edge computing, which encrypts user data participating in shared data behaviors in edge computing by adopting an attribute encryption method so as to protect the privacy of the data. According to the characteristics of wide distribution and considerable computing power of fog computing, the computing burden of a data owner and a consumer is reduced by adopting a method of outsourcing encryption and decryption to a fog server. The invention has the advantages that: compared with the existing encryption algorithm, the attribute encryption can protect the privacy information of the group users more simply and effectively, achieves fine-grained access control on data, and has practical feasibility. The method fully considers the problem of resource limitation of the mobile terminal in the edge computing environment, and has strong use value; the method partially hides the access strategy which possibly reveals sensitive information, and better protects the privacy information of the user.
Description
Technical Field
The invention belongs to the field of network communication, and particularly provides an outsourcing access control method based on attribute encryption in edge computing.
Background
Edge computing is widely used in modern social life, however untrusted edge devices may cause data security and privacy protection problems. Some encryption methods are therefore needed to protect the security of data, but general conventional encryption methods are not suitable for edge computing, because the receiving group tends to be dynamic in edge computing, much data is accessed by a group of users, can only be described by certain attributes, and data access does not need to be controlled according to each connection. On the other hand, the encryption and decryption of the existing encryption method are computationally expensive, and the mobile device usually has limited computing resources and cannot support highly complex encryption algorithms.
The attribute encryption is a research hotspot in the field of privacy protection at present, and compared with the existing encryption algorithm, the attribute encryption can protect the privacy information of group users more simply and effectively, realizes fine-grained access control on data, and has practical feasibility. The task of encrypting and decrypting highly complex computing data is outsourced to a fog server with stronger computing power, so that the mobile equipment can realize encryption and decryption only by simple computation. Meanwhile, in order to prevent some external observers or attackers from learning the sensitive information of the user through the access control policy in the attribute encryption, the access control policy is necessary to be hidden. Therefore, the access control method based on the attribute encryption in the edge calculation is beneficial to the security of shared data and the privacy of user information, and reduces the calculation burden of the user.
Disclosure of Invention
The invention provides an outsourcing access control method based on attribute encryption in edge computing, aiming at the problems of data security and privacy protection of edge equipment in the existing edge computing.
The technical scheme of the invention is as follows:
an outsourcing access control method based on attribute encryption in edge computing comprises the following steps:
step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;
step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;
and step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.
Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 1 specifically is:
step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:
PK={D,e(g,g)α,g,h,u,H,L,KDF1};
where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);
step 1-2: the trusted authority chooses a random K +1 number (r, r)1,···,rk) E.g. Zp, from the master key MSK and a set of attributes S ═ a1,···,An}, calculating K0=gαur,K1=gr,Ki,2=gri,Ki,3=(uhAi)riAnd generating a private key:
SK=(S,PK,K0,K1,{Ki,2,Ki,3}i∈[1,k]);
step 1-3: trusted authority random selectionThe transformation key TK is calculated according to the private key SK as follows:
K'0=gα/τur/τ,K'1=gr/τ,K'i,2=gri/τ,K'i,3=(uhAi)ri/τ
when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:
RK=(TK,τ)
and sending to the data consumer for final decryption.
Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 2 specifically is:
step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers xi',yi',λi',s'∈ZpC is calculated based on the public key parameter PK already published0'=gs',
IT1=(s',C'0,{x′i,y′i,λ'i,C′i,1,C′i,2}i∈[1,K]);
and sends IT1 to the data owner;
step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers xi”,yi”,λi”,s”∈ZpC is calculated based on the public key parameter PK already published0”=gs”,The intermediate ciphertext IT2 is generated as follows:
IT2=(s”,C″0,{x″i,y″i,λ″i,C″i,1,C″i,2}i∈[1,K]);
and sends IT2 to the data owner;
step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:
IT=(s,C0,{xi,yi,λi,Ci,1,Ci,2}i∈[1,K])
then, v2 is randomly selected, vn belongs to Zp, and the vector is setFrom the access structure (A, ρ, τ), computeCi,3=bi-λi,Ci,4=τρ(i)yi-xiyi,Ci,5=-yiWhere A is a matrix of λ n, and ρ is A per row AiAttribute name of mapping, τ ═ τρ(1),...,τρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1d is the length of SSk; the complete ciphertext is finally obtained as follows:
and sends it to the cloud server.
Further, an outsourcing access control method based on attribute encryption in edge computing, where the step 3 specifically is:
step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:
setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;
step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstlyIf yes, then using the recovery key to decrypt the data:
compared with the prior art, the invention has the technical advantages that:
1. the security of the data shared by the users is protected under the condition that the users do not spend high calculation amount and communication overhead;
2. by adopting a method of partially hiding the access control strategy, the data sharing with the data consumer is realized on the premise of not revealing sensitive information of the data owner;
3. compared with the existing attribute encryption outsourcing method, the method has better performance in the aspects of accuracy of outsourcing results and privacy protection of participants.
Drawings
FIG. 1 is a block diagram of the mechanism of the present invention.
FIG. 2 is a graph of time spent generating outsourced keys versus number of attributes.
FIG. 3 is a graph of the time spent in encrypting outsourced computations.
FIG. 4 is a graph of the time spent decrypting outsourced computations.
Fig. 5 is a graph of how long it takes for encryption computation at the user side.
Fig. 6 is a graph of how long decryption computation takes.
Detailed Description
The invention is further described with reference to the following figures and detailed description.
The invention designs an outsourcing access control method based on attribute encryption in edge calculation according to the technical characteristics of the edge calculation and the attribute encryption, and mainly solves the following two problems:
(1) when the data owner sends the ciphertext to the cloud server, the access control policy and the ciphertext are sent together, and other participants may deduce sensitive information of the data consumer attribute according to the access control policy, so that the data owner suffers from the problem of key information leakage.
(2) Existing attribute encryption outsourcing methods lack verifiable considerations for encryption and decryption outsourcing.
The main idea of the invention is as follows: and attribute encryption and edge calculation are combined to realize data security of shared data and privacy protection of participants.
Specifically, the outsourcing access control method based on attribute encryption in edge computing comprises the following steps:
step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;
step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:
PK={D,e(g,g)α,g,h,u,H,L,KDF1};
where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);
step 1-2: the trusted authority chooses a random K +1 number (r, r)1,···,rk) E.g. Zp, from the master key MSK and a set of attributes S ═ a1,···,An}, calculating K0=gαur,K1=gr,Ki,2=gri,Ki,3=(uhAi)riAnd generating a private key:
SK=(S,PK,K0,K1,{Ki,2,Ki,3}i∈[1,k]);
step 1-3: trusted authority random selectionThe transformation key TK is calculated according to the private key SK as follows:
K'0=gα/τur/τ,K'1=gr/τ,K'i,2=gri/τ,K'i,3=(uhAi)ri/τ
when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:
RK=(TK,τ)
and sending to the data consumer for final decryption.
Step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;
step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers xi',yi',λi',s'∈ZpC is calculated based on the public key parameter PK already published0'=gs',The intermediate ciphertext IT1 is generated as follows:
IT1=(s',C'0,{x′i,y′i,λ'i,C′i,1,C′i,2}i∈[1,K]);
and sends IT1 to the data owner;
step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers xi”,yi”,λi”,s”∈ZpC is calculated based on the public key parameter PK already published0”=gs”,The intermediate ciphertext IT2 is generated as follows:
IT2=(s”,C″0,{x″i,y″i,λ″i,C″i,1,C″i,2}i∈[1,K]);
and sends IT2 to the data owner;
step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:
IT=(s,C0,{xi,yi,λi,Ci,1,Ci,2}i∈[1,K])
then, v2 is randomly selected, vn belongs to Zp, and the vector is setFrom the access structure (A, ρ, τ), computeCi,3=bi-λi,Ci,4=τρ(i)yi-xiyi,Ci,5=-yiWhere A is a matrix of λ n, and ρ is A per row AiAttribute name of mapping, τ ═ τρ(1),...,τρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1d is the length of SSk; the complete ciphertext is finally obtained as follows:
and sends it to the cloud server.
And step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.
Step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:
setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;
step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstlyIf yes, then using the recovery key to decrypt the data:
the invention uses charm frame and PBC library to simulate the process shown in figure 1 in Ubuntu, and tests the performance of the proposed method. We set up 10 different access policies and the number of attribute values N is increased from 10 to 100, each instance is repeated 10 times and averaged. All examples were kept completely independent of each other during the experiment, time in seconds and milliseconds.
In order to embody the advantages of the PPAC (privacy access control) method provided by the invention, the conventional attribute encryption outsourcing method OABE (outsourcing ABE encryption) is compared. Only outsource decryption is performed in the OABE, and the outsource result is not verified for correctness.
Figure 2 shows the result of the time it takes to run the generation of the outsource key. As can be seen from the figure, as the number of system attribute values increases, the time taken to outsource the key also increases, and the trend is linear. The calculation amount of encryption and decryption is related to the number of attributes set by the system, as shown in fig. 3 and 4, the number of attributes is continuously increased, and the time spent on calculation is also continuously increased. The performance of the algorithm in the PPAC is evaluated by calculating the time spent on encryption and decryption at a user terminal, and the less time spent is better in terms of the experience of the user. Fig. 5 shows that the time spent by encryption computation at the user end increases almost linearly with the number of attributes, and our scheme is feasible at the user end with a slightly higher computation time than the original OABE scheme, which is caused by the additional computation cost of the verification function for verifying the correctness of the result returned by encryption.
Fig. 6 shows how the computation of encryption takes time at the user end, and it can be seen that our scheme is feasible at the user end in computation time, which is also slightly higher than the time taken by the original OABE scheme, and this occurs because the verification function for verifying the correctness of the result returned by decryption incurs some extra computation cost.
In conclusion: the PPAC provided by the invention can not only protect the safety of shared data and the privacy of users in edge calculation, but also reduce the calculation burden of the users to a great extent.
While the preferred embodiments of the present invention have been illustrated and described in detail, it is not intended to limit the invention to the exact details shown and described, and various equivalents (e.g., in number, shape, location, etc.) may be substituted for elements thereof without departing from the spirit and scope of the present invention.
Claims (4)
1. An outsourcing access control method based on attribute encryption in edge computing is characterized by comprising the following steps:
step 1: the trusted authority initializes the whole system, including assigning corresponding roles to each user, generating parameters such as related public key, secret key and conversion secret key, and sending the parameters obtained by the trusted authority to each role in the system;
step 2: the data owner applies for an encryption request to the mist server closest to the mist server, carries out correctness verification and integration on a result returned by the mist server, and uploads an integrated ciphertext to the cloud server;
and step 3: and the data consumer applies for the ciphertext to the cloud server, sends the obtained ciphertext to the nearest fog server to apply for partial outsourcing decryption, performs correctness verification after obtaining partial decrypted ciphertext, and finally performs simple decryption to obtain the plaintext.
2. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 1 specifically comprises:
step 1-1: the trusted authority firstly selects the number of attributes in the system and selects a bilinear mapping D ═ P, G, GT, e, wherein P is the order of G and GT; then selecting three random generators g, h, u and an index alpha (alpha belongs to Zp); public key parameters are disclosed:
PK={D,e(g,g)α,g,h,u,H,L,KDF1};
where H is the collision-resistant hash function, KDF1 is the key derivation function, and sets the master key: MSK ═ (PK, α);
step 1-2: the trusted authority chooses a random K +1 number (r, r)1,···,rk) E.g. Zp, from the master key MSK and a set of attributes S ═ a1,···,An}, calculating K0=gαur,K1=gr,Ki,2=gri,Ki,3=(uhAi)riAnd generating a private key:
SK=(S,PK,K0,K1,{Ki,2,Ki,3}i∈[1,k]);
step 1-3: trusted authority random selectionThe transformation key TK is calculated according to the private key SK as follows:
K'0=gα/τur/τ,K'1=gr/τ,K'i,2=gri/τ,K'i,3=(uhAi)ri/τ
when the system carries out outsourcing decryption, the TK is sent to a fog server which needs to carry out partial decryption tasks; and the recovery key is set as follows:
RK=(TK,τ)
and sending to the data consumer for final decryption.
3. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 2 specifically comprises:
step 2-1: after the data owner sends the outsourced encryption request, the fog server F1, which is the closest two to the user, selects four random numbers xi',yi',λi',s'∈ZpC is calculated based on the public key parameter PK already published0'=gs',The intermediate ciphertext IT1 is generated as follows:
IT1=(s',C'0,{x'i,y'i,λ'i,C'i,1,C'i,2}i∈[1,K]);
and sends IT1 to the data owner;
step 2-2: after the data owner sends the outsourced encryption request, the fog server F2, which is the closest two to the user, selects four random numbers xi”,yi”,λi”,s”∈ZpC is calculated based on the public key parameter PK already published0”=gs”,The intermediate ciphertext IT2 is generated as follows:
IT2=(s”,C”0,{x”i,y”i,λ”i,C”i,1,C”i,2}i∈[1,K]);
and sends IT2 to the data owner;
step 2-3: after the data owner receives IT1 and IT2, IT1 and IT2 are integrated into an intermediate ciphertext IT as follows:
IT=(s,C0,{xi,yi,λi,Ci,1,Ci,2}i∈[1,K])
then, v2 is randomly selected, vn belongs to Zp, and the vector is setFrom the access structure (A, ρ, τ), computeCi,3=bi-λi,Ci,4=τρ(i)yi-xiyi,Ci,5=-yiWhere A is a matrix of λ n, and ρ is A per row AiAttribute name of mapping, τ ═ τρ(1),...,τρ(λ)I.e. the set of attribute values ρ (i); then, the SSk is calculated and set by using a key derivation function KDF1d is the length of SSk; the complete ciphertext is finally obtained as follows:
and sends it to the cloud server.
4. The outsourcing access control method based on attribute encryption in edge computing according to claim 1, wherein the step 3 specifically includes:
step 3-1: the data consumer takes the ciphertext CT from the cloud server and sends the ciphertext CT to the nearest fog server F3 to apply for partial decryption; the fog server F3 recovers the encapsulated key by partial decryption using the transfer key TK obtained from the trusted authority:
setting a part of decrypted ciphertext and returning the ciphertext to the data consumer;
step 3-2: after the data consumer takes the partially decrypted ciphertext, the correctness verification and verification of the decryption outsourcing are carried out firstlyIf yes, then using the recovery key to decrypt the data:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010738981.5A CN112087422A (en) | 2020-07-28 | 2020-07-28 | Outsourcing access control method based on attribute encryption in edge calculation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010738981.5A CN112087422A (en) | 2020-07-28 | 2020-07-28 | Outsourcing access control method based on attribute encryption in edge calculation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112087422A true CN112087422A (en) | 2020-12-15 |
Family
ID=73735227
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010738981.5A Pending CN112087422A (en) | 2020-07-28 | 2020-07-28 | Outsourcing access control method based on attribute encryption in edge calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112087422A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114710370A (en) * | 2022-06-08 | 2022-07-05 | 山东省计算中心(国家超级计算济南中心) | Fine-grained access control method and system based on mist block chain and attribute encryption |
WO2022266999A1 (en) * | 2021-06-25 | 2022-12-29 | Intel Corporation | Digital edge services orchestration of awareness, on-demand, and event-triggered services |
CN115879139A (en) * | 2023-03-08 | 2023-03-31 | 四川边缘算力科技有限公司 | User data management method based on edge calculation |
CN116132105A (en) * | 2022-12-08 | 2023-05-16 | 重庆邮电大学 | Internet of vehicles large attribute data sharing system and method based on attribute encryption |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109995505A (en) * | 2019-03-07 | 2019-07-09 | 西安电子科技大学 | A kind of mist calculates data safety machining system and method, cloud storage platform under environment |
CN110099043A (en) * | 2019-03-24 | 2019-08-06 | 西安电子科技大学 | The hiding more authorization center access control methods of support policy, cloud storage system |
US20190297063A1 (en) * | 2018-03-22 | 2019-09-26 | Cisco Technology, Inc. | Iaas-aided access control for information centric networking with internet-of-things |
CN110933052A (en) * | 2019-11-18 | 2020-03-27 | 杭州电子科技大学 | Encryption and policy updating method based on time domain in edge environment |
CN111212084A (en) * | 2020-01-15 | 2020-05-29 | 广西师范大学 | Attribute encryption access control method facing edge calculation |
-
2020
- 2020-07-28 CN CN202010738981.5A patent/CN112087422A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190297063A1 (en) * | 2018-03-22 | 2019-09-26 | Cisco Technology, Inc. | Iaas-aided access control for information centric networking with internet-of-things |
CN109995505A (en) * | 2019-03-07 | 2019-07-09 | 西安电子科技大学 | A kind of mist calculates data safety machining system and method, cloud storage platform under environment |
CN110099043A (en) * | 2019-03-24 | 2019-08-06 | 西安电子科技大学 | The hiding more authorization center access control methods of support policy, cloud storage system |
CN110933052A (en) * | 2019-11-18 | 2020-03-27 | 杭州电子科技大学 | Encryption and policy updating method based on time domain in edge environment |
CN111212084A (en) * | 2020-01-15 | 2020-05-29 | 广西师范大学 | Attribute encryption access control method facing edge calculation |
Non-Patent Citations (4)
Title |
---|
ARWA ALRAWAIS,ABDULRAHMAN ALHOTHAILY,CHUNQIANG HU,XIAOSHUANG: "An Attribute-Based Encryption Scheme to Secure Fog Communications", 《IEEE ACCESS》 * |
QIHUA WANG,GAOYAN LV,XIULING SUN: "Distributed Access Control with Outsourced Computation in Fog Computing", 《2019 CHINESE CONTROL AND DECISION CONFERENCE (CCDC)》 * |
QINLONG HUANG,YIXIAN YANG,LICHENG WANG: "Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things", 《IEEE ACCESS》 * |
张佳乐,赵彦超,陈兵,胡峰,朱琨: "边缘计算数据安全与隐私保护研究综述", 《通信学报》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2022266999A1 (en) * | 2021-06-25 | 2022-12-29 | Intel Corporation | Digital edge services orchestration of awareness, on-demand, and event-triggered services |
CN114710370A (en) * | 2022-06-08 | 2022-07-05 | 山东省计算中心(国家超级计算济南中心) | Fine-grained access control method and system based on mist block chain and attribute encryption |
CN116132105A (en) * | 2022-12-08 | 2023-05-16 | 重庆邮电大学 | Internet of vehicles large attribute data sharing system and method based on attribute encryption |
CN116132105B (en) * | 2022-12-08 | 2024-05-17 | 重庆邮电大学 | Internet of vehicles large attribute data sharing system and method based on attribute encryption |
CN115879139A (en) * | 2023-03-08 | 2023-03-31 | 四川边缘算力科技有限公司 | User data management method based on edge calculation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108881314B (en) | Privacy protection method and system based on CP-ABE ciphertext under fog computing environment | |
US20210312334A1 (en) | Model parameter training method, apparatus, and device based on federation learning, and medium | |
CN109495274B (en) | Decentralized intelligent lock electronic key distribution method and system | |
CN112087422A (en) | Outsourcing access control method based on attribute encryption in edge calculation | |
US8688973B2 (en) | Securing communications sent by a first user to a second user | |
CN104521178B (en) | The method and system of the multi-party cloud computing of safety | |
CN107959567A (en) | Date storage method, data capture method, apparatus and system | |
CN107483212A (en) | A kind of method of both sides' cooperation generation digital signature | |
CN106487506B (en) | Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption | |
CN110933033B (en) | Cross-domain access control method for multiple Internet of things domains in smart city environment | |
CN111275202A (en) | Machine learning prediction method and system for data privacy protection | |
CN112104619A (en) | Data access control system and method based on outsourcing ciphertext attribute encryption | |
CN109194523A (en) | The multi-party diagnostic model fusion method and system, cloud server of secret protection | |
JP2023500570A (en) | Digital signature generation using cold wallet | |
CN111797427A (en) | Block chain user identity supervision method and system considering privacy protection | |
CN109525388B (en) | Combined encryption method and system with separated keys | |
CN111639345B (en) | Method and system for secure multi-party cloud computing based on homomorphic encryption | |
CN113708917B (en) | APP user data access control system and method based on attribute encryption | |
CN113660197A (en) | Obfuscated data aggregation privacy protection method, system, device, medium and terminal | |
US9660813B1 (en) | Dynamic privacy management for communications of clients in privacy-preserving groups | |
CN115664629A (en) | Homomorphic encryption-based data privacy protection method for intelligent Internet of things platform | |
Zhang et al. | Cerberus: Privacy-preserving computation in edge computing | |
Rukavitsyn et al. | The method of ensuring confidentiality and integrity data in cloud computing | |
CN108737383A (en) | A kind of anonymous authentication method obscured | |
CN116502732A (en) | Federal learning method and system based on trusted execution environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20201215 |