CN115189903A - Distributed access control method supporting privacy protection in Internet of vehicles - Google Patents
Distributed access control method supporting privacy protection in Internet of vehicles Download PDFInfo
- Publication number
- CN115189903A CN115189903A CN202210162394.5A CN202210162394A CN115189903A CN 115189903 A CN115189903 A CN 115189903A CN 202210162394 A CN202210162394 A CN 202210162394A CN 115189903 A CN115189903 A CN 115189903A
- Authority
- CN
- China
- Prior art keywords
- user
- attribute
- key
- ciphertext
- authentication center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0471—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/84—Vehicles
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a distributed access control method supporting privacy protection in the Internet of vehicles, which has the advantages that the method has the real-time data sharing function, and simultaneously, the practical functions of safer outsourcing encryption and decryption calculation, privacy protection and the like are added, and the calculation pressure of a system can be effectively reduced. The method mainly comprises the following implementation steps: 1. initializing a global authentication center, and generating a global public parameter and a master key of the system; 2. initializing a local authentication center, and generating a public key and a private key of the local authentication center by using the global public parameters obtained in the step (1); 3. data encryption; 4. generating a user attribute private key; 5. and (6) decrypting the ciphertext.
Description
Technical Field
The invention belongs to the technical field of cloud storage safety and information safety, and particularly relates to a distributed access control method supporting privacy protection in a vehicle networking.
Background
With the rapid development of communication technology and industry, the automotive industry is transitioning from vehicle ad hoc networks (VANET) to internet of vehicles (IoV). The Internet of vehicles realizes intelligent transportation through real-time association of vehicles, roads and management mechanisms, provides services such as traffic safety, information sharing and flexible vehicle control, and the communication technology plays a key role in supporting the Internet of vehicles. At present, more and more vehicles are combined with intelligent equipment to form an internet of vehicles, which inevitably generates a large amount of data, and the internet of vehicles has higher requirements on data transmission, wherein transmission delay and consumption are reduced to the minimum. Nowadays, the latest 5G technology enables the car networking to be further developed, and has the advantages of ultra-low consumption, ultra-high transmission speed and the like. In addition, wireless communication between vehicles and between vehicles and infrastructure in the internet of vehicles is realized through a short-range communication protocol (DSRC), however, due to the small coverage of a single roadside unit (RSU), the vehicles must frequently transmit data during long-distance communication, and some privacy information (such as identity, location and the like) contained in the data is leaked. The secure transmission of data is the basis for all applications in the internet of vehicles. Malicious users may incur unpredictable losses by analyzing the relationship between the information and the sender to launch masquerading attacks or to tamper with the message.
To ensure the security of information in vehicle communications, conventional encryption mechanisms may not be applicable. The conventional Public Key Infrastructure (PKI) needs to encrypt the same piece of information multiple times, which causes a lot of unnecessary resource consumption. The proposal of the encryption based on the Attribute (ABE) solves the problem and realizes one-to-many data sharing. However, some solutions proposed before, while guaranteeing the confidentiality of data, still have privacy leakage problems in other respects. After the data owner establishes the access policy and publishes the access policy, some malicious users can roughly guess which attributes the vehicle has through simple analysis, which undoubtedly reveals the privacy of the users. In addition, although the data owner performs encryption before uploading to the cloud, whether the ciphertext and the access policy are tampered cannot be guaranteed.
In recent years, block chain technology has been widely studied. Due to the characteristics of decentralization, non-tampering, transparency, traceability and the like, the block chain is applied to various fields. For the traditional server single point of failure and bandwidth problem, the blockchain may provide a decentralized solution where each node may perform operations without a trusted intermediary. However, most of the solutions proposed at present are inefficient, and privacy disclosure is caused by the transparent public property of the block chain, so that the high-dynamic car networking system cannot be satisfied.
In summary, the problems of the prior art are as follows:
(1) Single point of failure and bandwidth. Once the cloud storage server is out of service or the data traffic is large, information transmission will be terminated, the whole system will be rushed, and if the cloud storage server is not trusted, data of a user will be leaked or tampered, which may cause serious consequences.
(2) And (4) revealing of user privacy. The risk of revealing the user privacy exists in two aspects, namely, the user needs to disclose the access strategy in the process of interaction between the user and the roadside unit or the cloud storage server, which may cause the revealing of the user privacy, and the transaction generated in the data transmission process is stored in a block chain, so that the revealing of the privacy information contained in the transaction may be caused due to the characteristic of the transparency of the disclosure.
(3) The calculation efficiency is low. The internet of vehicles is a highly dynamic system, and it becomes a challenge whether information can be transmitted in time. There are a large number of pairing operations and exponent operations in ABE, which results in a linear increase in the amount of computation consumed by the user in the encryption and decryption stages as the number of attributes increases. How to solve the three problems is the key point of applying the distributed access control strategy of data security sharing to the internet of vehicles.
Disclosure of Invention
Compared with the traditional scheme, the distributed access control method for supporting privacy protection in the Internet of vehicles has the advantages that the data are shared in real time, meanwhile, the safer practical functions of outsourcing encryption and decryption calculation, privacy protection and the like are added, and the calculation pressure of the system can be effectively relieved.
The specific technical scheme of the invention is as follows:
a distributed access control method supporting privacy protection in the Internet of vehicles comprises the following steps:
step 1: initializing a global authentication center CA to generate a global public parameter PP and a master key MSK of the system;
step 2: the local authentication center LA is initialized and generates a public key PK of itself by using the global public parameter PP obtained in the step 1 k And a private key SK k ;
And step 3: data encryption;
firstly, a fuzzy tree access strategy T is established by a data owner Obf Then, the data which needs to be sent is encrypted and calculated to obtain a local ciphertext CT loc And finally CT local cipher text loc Sending the data to a roadside unit RSU for final encryption to obtain a final ciphertext CT;
and 4, step 4: generating a user attribute private key;
the global authentication center CA distributes a static attribute key SK for a user st And certificate Cer Ui Then the local authentication center CA distributes the dynamic attribute key SK for the user dy (ii) a Wherein the static attribute key SK st And a dynamic attribute key SK dy Respectively generating parameters generated in respective initialization stages and attributes of the user;
and 5: decrypting the ciphertext; a legal user initiates an access request to a roadside unit RSU, the roadside unit RSU verifies whether the user attribute meets an access strategy or not by an intelligent contract after receiving the request, then outsourcing decryption is carried out through a part of private keys of the user, and a decrypted ciphertext is sent to the user; and the user receives the intermediate ciphertext and finally decrypts by using the private key of the user.
Further, the specific process steps of step 1 are as follows:
step 1.1: setting a safety parameter lambda of the system, and selecting multiplication cyclic groups G and G with prime order p in the cyclic domain 1 (ii) a G is a generator of G; e is a bilinear map satisfying e: G × G → G 1 ;
Step 1.2: the system initializes and sets the static attribute set: s st ={x 1 ,x 2 ,x 3 ,…x j …,x n At Z p The method comprises the following steps of randomly selecting three integers of alpha, beta and a, and selecting two collusion resistant hash functions: h {0,1} * →G 0 ,H 1 :{0,1} * →G 0 And lagrange coefficient:Wherein i, x ∈ Z p ,Z p The method comprises the following steps of (1) representing a modulus p remainder set, wherein l belongs to S, and S is an arbitrary attribute set;
step 1.3: in the static attribute set S st Selecting any attribute x j The global certificate authority CA is in Z p In the random number n j And calculateGenerating the common parameter PP of the system { G 0 ,H,H 1 ,g β ,g a ,e(g,g) α ,And master key MSK: { a, beta, g α ,{n j |x j ∈S st }}。
Further, the specific implementation process of step 2 is as follows:
each local authentication center LA defines a set of dynamic attributes:
and in Z p Selecting random number b from the dynamic attribute setSelect any one of the attributes y j (ii) a Local authentication center LA at Z p In the random number v j CalculatingFinally, generating the public key PK of the local authentication center LA k And a private key SK k ;
Further, the specific implementation process of step 3 is as follows:
step 3.1: generating a fuzzy access strategy;
firstly, a data owner establishes a tree access strategy T;
then the data owner is in Z p Selecting h as medium random, calculating g h ,u i =H 1 (a i ),Wherein, a i Is the attribute corresponding to each leaf node in the tree structure;
finally reuse the confusion attribute s i Alternative a i Thereby generating a fuzzy tree access strategy T Obf ;
Step 3.2: calculating a local ciphertext;
firstly, the data owner selects an AES symmetric encryption algorithm with the length of 128 bits to encrypt a message M, an encryption key is Syk, and H is obtained through calculation 1 (SE Syk (M));
Then, the data owner is in Z p Selecting a number s as a secret value of a root node;
next, the data owner accesses the policy T from the fuzzy tree Obf Starting from the root node R, selecting a polynomial q (-) from top to bottom, and setting q R (1)=s 1_1 ,q R (2)=s 2_2 ,s 1_1 Representing a fuzzy tree access policy T Obf Middle subtree T 1 Root node q R (1) The secret value of (a); s 2_2 Respectively representing fuzzy tree access policies T Obf Middle subtree T 2 Root node q R (2) The secret value of (a);
finally, local ciphertext CT is obtained by utilizing common parameter calculation loc :
In the above formula, S 1 Accessing policy T for fuzzy trees Obf Subtree T of 1 The set of static attributes contained in (a); s 2 Accessing policy T for fuzzy trees Obf Subtree T of 2 The set of static attributes contained in (a);
step 3.3: calculating a final ciphertext; the roadside unit RSU in charge of the region receives the local ciphertext CT sent by the data owner loc Then, from subtree T 2 Starting from the root node, selecting a polynomial q from top to bottom 2 And computing the final ciphertext CT by using the common parameters:
further, the step 3 further includes a step 3.4: generating a transaction;
generating a transaction; the roadside unit RSU responsible for the region uploads the final ciphertext CT to the cloud storage server CSS to obtain a ciphertext Address, and the ciphertext Address is signed to generate a transaction
Further, the specific implementation process of step 4 is as follows:
step 4.1: generating a static attribute private key; the global certificate authority CA uses the master key MSK and the public parameter PP and the static attribute set of the userGenerating static Attribute private Key SK st :
In the above formula: z, t, r are all at Z p Selecting randomly the number;
step 4.2: generating a certificate;
user submits to CA's own ID U The global authentication center CA firstly verifies the user identityThe effectiveness of (a);
finally, the global authentication center CA uses the static attribute private key SK st Value g of (D) βt Sending the data to a local authentication center LA;
step 4.3: generating a dynamic attribute key; the local authentication center LA verifies the credentials of the userIf the certificate is valid, the local certificate authority LA's own public key PK is used k And a private key SK k And a common parameter PP, a set of dynamic attributesGeneration of dynamic attribute key SK for user dy :
In the above formula, m is in Z p Of the random number.
Further, the specific implementation process of step 5 is as follows:
step 5.1: calculating an attribute value; firstly, the user uses its own partial key g ah ,g bh Calculating obfuscated attribute valuesThen will bes i And a certificateTo the roadside units RSU responsible for the area k ;
Step 5.2: outsourcing decryption; is responsible for thisRSU of region k First checking the user credentialsWhether it is recorded on the blockchain, and if not, to verify the user credentials beforeThe effectiveness of (a); after the verification is finished, the intelligent contract which is deployed in advance can be automatically transferred, and the intelligent contract is submitted according to the submitted attribute value s i Judging whether the user is the user meeting the access right, and judging whether the user is in the roadside unit RSU in charge of the area according to the vehicle speed, the distance from the vehicle, the pre-calculation time and the communication speed if the user is the user meeting the access right k An edge of a communication range; if the edge is close, the roadside unit RSU in charge of the area k After pre-decryption, the obtained intermediate ciphertext is directly returned to the roadside unit RSU responsible for the next region k+1 Returning the intermediate ciphertext to the user;
the intermediate ciphertext specifically is:wherein T is Obf ,C=g s Which is a part of the final ciphertext CT,to iterate the computation by lagrange interpolation,
step 5.3: decrypting by the user;
And then calculating the value of the root node: f R =e(g,g) βts ;
Finally, a symmetric key is calculated:
and decrypting according to the symmetric encryption algorithm to obtain the message M.
Further, step 5 also includes step 5.4 transaction generation;
roadside unit RSU in charge of the area k Using its own private keySigning the certificate of the user:then generating a transactionWherein Time out Representing the time at which decryption is complete.
Further, the method further comprises the step 6: updating the attribute; the specific implementation process of the step is as follows:
step 6.1: generating an updating key; the local authentication center LA generates three updated keys, UK respectively j→o ,UK no ,UK ct ;
Wherein, UK j→o =v j /v o The private key is updated for the user needing to update the attribute;
step 6.2: updating a private key of a user;
when a user needing to update the attribute receives a local confirmationUK for updating keys distributed by LA in certificate center j→o Then the following calculation is performed:
when the user not needing to update the attribute receives the update key UK distributed by the local authentication center LA no Then the following calculation is performed:
step 6.3: updating the final ciphertext; to ensure that a user newly added to the system can decrypt the original ciphertext, the roadside unit RSU k If the final ciphertext needs to be updated, the following calculation is executed;
the beneficial effects of the invention are:
1. the distributed method is adopted, all roadside units in the system maintain a block chain together to solve the problem of single point failure of the cloud storage server, wherein each node can execute operation under the condition of no trusted intermediary, and the transaction containing the signature is recorded on the block chain through a consensus mechanism so as to ensure the integrity of an access strategy and a message and facilitate auditing;
2. the invention realizes the privacy protection of the user, and provides a pairing-operation-free hidden access strategy scheme, so that the privacy of the user is protected in the interaction process of the user and a cloud service or roadside unit, and the calculation burden of a vehicle user is reduced. Furthermore, the transaction information recorded on the chain does not reveal the privacy of any user;
3. the invention adds outsourcing encryption and outsourcing decryption in the encryption stage and the decryption stage respectively, which not only saves the calculation overhead of users and the calculation efficiency of the system, but also hands a large amount of encryption and decryption calculation to a third party, and the decryption stage of the users only needs one exponential operation and one bilinear pairing operation regardless of the number of attributes or the complexity of an access strategy; in addition, the use of the intelligent contract not only reduces the verification workload, but also ensures that the vehicle can receive the intermediate ciphertext in time within the transmission range of the RSU;
4. the invention adds attribute classification and updating. And classifying the attributes in the system, wherein the inherent attribute of the vehicle is a static attribute. In our model, the keys associated with static attributes are not updated often, thereby reducing update costs, and users who have updated dynamic attributes will not be able to decrypt new ciphertext.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of the operation of the present invention;
FIG. 2 is a flow chart of attribute update in the present invention;
Detailed Description
The related art in the present invention will be described clearly and completely with reference to the accompanying drawings in the following embodiments, and it is to be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a distributed access method for supporting privacy protection in the Internet of vehicles, which needs to construct a system in the implementation process, wherein the system comprises a global authentication center, a local authentication center, a data owner, a cloud server, a user and a roadside unit, and the global authentication center, the local authentication center, the data owner, the cloud server, the user and the roadside unit are cooperatively operated.
A: operation of global certificate authority and local certificate authority
The authentication center in the system comprises a global authentication center CA and a plurality of local authentication centers LA; after initializing the system, the global authentication center and the local authentication center respectively manage the dynamic and static attribute ranges of the global authentication center and the local authentication center, set the public key and the private key of the global authentication center and the local authentication center and sign the private key of the local authentication center, and are also responsible for generating a certificate and an attribute private key for a user. It should be noted that the present invention provides that the global certificate authority and the local certificate authority are trusted.
B: work of data owner
The data owner is a trusted entity that owns the data and can send the data to the roadside unit via outsourcing. It defines an obfuscated access policy and uses it to encrypt data that can only be accessed by users that satisfy the access policy. And finally, the data owner sends the encrypted message to the roadside unit, and then the roadside unit sends the message to the cloud storage server.
C: work of data users
Each resource-constrained data user has a set of attributes and a unique identity certificate in the system. The user can initiate a request to the roadside unit, and when the attribute meets the access policy, the ciphertext can be decrypted.
D: work of cloud storage servers
The cloud storage server is responsible for storing encrypted data from the data owner. It has strong storage capacity and can be stored for a long time. The present invention assumes that the cloud storage server is curious but honest, i.e. it can perform tasks honestly and efficiently, but will also try to learn as much information as possible, such as ciphertext.
E: operation of roadside units
Each roadside unit is responsible for a limited range and can communicate wirelessly with users within that range. In the invention, the roadside unit is used as a semi-trusted entity, has strong computing capability and is responsible for providing outsourcing encryption and pre-decryption services for vehicles with limited resources. Within a certain range, all roadside units form a block chain together, and the main roadside unit records the generated transaction on the chain.
As shown in fig. 1 and 2, the method of the present invention comprises the following steps:
step 1: initializing a global certification center CA to generate a global public parameter PP and a master key MSK of the system;
step 1.1: setting a safety parameter lambda of the system, and selecting multiplication cyclic groups G and G with prime order p in a cyclic domain 1 (ii) a G is a generator of G; e is a bilinear map satisfying e: G × G → G 1 ;
Step 1.2: the system initializes and sets the static attribute set: s st ={x 1 ,x 2 ,x 3 ,…x j …,x n Selecting three integers of alpha, beta, a epsilon to Z p And selecting two collusion-resistant hash functions: h {0,1} * →G 0 ,H 1 :{0,1} * →G 0 And lagrangian coefficient:wherein i ∈ Z p ;Z p Representing a modulo-p remainder set;
step 1.3: in static attribute set S st Selecting any attribute x j The global certificate authority CA is in Z p In the random number n j And calculateGenerating the common parameter PP of the system { G 0 ,H,H 1 ,g β ,g a ,e(g,g) α ,And
master key MSK: { a, beta, g α ,{n j |x j ∈S st }};
Step 2, initializing a local authentication center LA, and generating a public key and a private key of the local authentication center LA by using the global public parameters obtained in the step 1;
each local authentication center LA defines a set of dynamic attributes:
and in Z p Selecting random number b from the dynamic attribute setSelect any one of the attributes y j (ii) a Local authentication center LA at Z p In the random number v j CalculatingFinally, generating the public key PK of the local authentication center LA k And a private key SK k ;
Step 3, encrypting data; firstly, a data owner carries out encryption calculation on data needing to be sent, and after encryption is finished, a ciphertext is sent to a roadside unit RSU for final encryption;
step 3.1: generating a fuzzy access policy; firstly, a data owner (the vehicle data owner in the embodiment) establishes a tree access strategy T; then the data owner is in Z p Selecting h as medium random, calculating g h ,u i =H 1 (a i ),Wherein, a i Is the attribute corresponding to each leaf node in the tree structure; and then use the obfuscated attribute s i Alternative a i Thereby generating a fuzzy tree access strategy T Obf (ii) a The points to be noted are: the attribute obfuscation in this step is to prevent privacy disclosure of attributes contained in the access policy;
step 3.2: calculating a local ciphertext;
firstly, the data owner selects an AES symmetric encryption algorithm with the length of 128 bits to encrypt a message M, and the encryption is encryptedThe key is Syk, H is calculated 1 (SE Syk (M));
Then, the data owner is in Z p Selecting a number s as a secret value of a root node;
next, the data owner accesses the policy T from the fuzzy tree Obf Starting from the root node R, selecting a polynomial q (-) from top to bottom, and setting q R (1)=s 1_1 ,q R (2)=s 2_2 (ii) a Finally, local ciphertext CT is obtained by utilizing common parameter calculation loc :
In the above formula, S 1 Accessing policy T for fuzzy trees Obf Subtree T of 1 The set of static attributes contained in (a); s. the 2 Accessing policy T for fuzzy trees Obf Subtree T of 2 The set of static attributes contained in (a);
step 3.3: encrypting a roadside unit RSU; the roadside unit RSU in charge of the region receives the local ciphertext CT sent by the data owner loc Then, from subtree T 2 Starting from the root node, selecting a polynomial q from top to bottom 2 (. To) calculate the final ciphertext CT using the common parameters:
in order to enable the user to verify the integrity of the encrypted message and also to comply with the public transparent traceability feature in the block chain, the step further includes step 3.4: generating a transaction;
the main realization process of the step is as follows: the roadside unit RSU responsible for the region uploads the final ciphertext CT to a cloud storage server CSS to obtain a ciphertext Address, and a transaction Tran is generated after the ciphertext Address is signed enc :
And 4, step 4: generating a user attribute private key; firstly, a global authentication center CA distributes a static attribute key and a certificate for a user, and then a local authentication center CA distributes a dynamic attribute key for the user; wherein, the static attribute key and the dynamic attribute key are respectively generated by parameters generated in respective initialization stages and attributes of users;
step 4.1: generating a static attribute private key; the global certificate authority CA uses the master key MSK and the public parameter PP and the static attribute set of the userGenerating a static Attribute private Key SK st :
In the above formula: z, t, r are all at Z p A randomly selected number;
step 4.2: generating a certificate; user submits to CA's own ID U The global certificate authority CA firstly verifies the validity of the user identity, and then sends the certificate with the signature to the user:finally, the global authentication center CA uses the static attribute private key SK st Value g of D βt Sending the data to a local authentication center LA;
step 4.3: generating a dynamic attribute key; the local authentication center LA verifies the credentials of the userIf the certificate is valid, the local certificate authority LA's own public key PK is used k And a private key SK k And a common parameter PP, a set of dynamic attributesGeneration of dynamic attribute key SK for user dy :
In the above formula: m is at Z p Selecting randomly the number;
step 5, ciphertext decryption; a legal user initiates an access request to a roadside unit RSU, the roadside unit RSU verifies whether the user attribute meets an access strategy or not through an intelligent contract after receiving the request, then the roadside unit RSU carries out outsourcing decryption through a part of private keys of the user, and sends a decrypted intermediate ciphertext to the user; after receiving the intermediate ciphertext, the user utilizes the private key of the user to carry out final decryption;
step 5.1: calculating an attribute value; firstly, the user uses the own partial secret key g ah ,g bh Calculating obfuscated attribute valuesThen will bes i And a certificateTo the roadside units RSU responsible for the area k ;
Step 5.2: outsourcing decryption; RSU responsible for this region k First checking the user credentialsWhether it is recorded on the blockchain, and if not, to verify the user credentials beforeThe effectiveness of (a); after the verification is finished, the intelligent contract which is deployed in advance can be automatically transferred, and according to the submitted attribute value s i Judging whether the user is a user meeting the access right, and if so, judging whether the user is in the area in charge of the user according to the vehicle speed, the distance from the vehicle, the pre-calculation time and the communication speedRoadside unit RSU k An edge of a communication range; if the edge is close, the roadside unit RSU in charge of the area k After pre-decryption, the obtained intermediate ciphertext is directly returned to the roadside unit RSU responsible for the next region k+1 Returning the intermediate ciphertext to the user;
roadside unit RSU k The process of pre-decrypting and obtaining the intermediate ciphertext is as follows:
for subtree T 1 Middle leaf node n, roadside Unit RSU k The following calculations are performed:
for subtree T in the same way 2 Leaf node n in (1), roadside unit RSU k The following calculations are performed:
for non-leaf nodes n ∈ T 1 Roadside units RSU k An iterative calculation is required:
step 5.3: decrypting by the user; first, user calculationAnd then calculating the value of the root node: f R =e(g,g) βts And finally, calculating a symmetric key:
and decrypting according to the symmetric encryption algorithm to obtain the message M.
In order to realize the traceable accountability characteristic of the block chain, the step also comprises a step 5.4 of transaction generation;
the specific implementation process of the step is as follows: roadside unit RSU in charge of the area k Using its own private keySigning the user's certificate:then generating a transactionWherein Time out Representing the time at which decryption is complete.
Step 6: updating the attribute; updating the private key of the user using the updated key, and updating and dynamically associating the set of attributesThe associated ciphertext;
step 6.1: generating an updating key; the local authentication center LA generates three updated keys, UK respectively j→o ,UK no ,UK ct ;
Wherein, UK j→o =v j /v o The private key is updated for the user needing to update the attribute;
step 6.2: updating a private key of a user;
when a user needing attribute updating receives an updating key UK distributed by a local authentication center LA j→o Then the following calculation is performed:
when the user not needing to update the attribute receives the update key UK distributed by the local authentication center LA no Then the following calculation is performed:
step 6.3: updating the final ciphertext; to ensure that a user newly added to the system can decrypt the original ciphertext, the roadside unit RSU k If the final ciphertext needs to be updated, the following calculation is executed;
in summary, the present invention relates to a secure sharing scheme of data in a car networking distributed environment; the ABE scheme with user privacy protection, center authority elimination, data security sharing and outsourcing encryption and decryption is realized; increasing the non-tamper property of block chain technology implementation information and access strategy; a plurality of roadside units are added to construct a distributed system so as to solve the problem of single point failure of a cloud storage server; an outsourcing encryption algorithm and an outsourcing decryption algorithm are added, the calculation cost of a data user is saved, a large amount of encryption and decryption calculation is handed to a third party, meanwhile, the workload of node verification is reduced by using an intelligent contract, and the user is ensured to receive an intermediate ciphertext in time in the roadside unit range; and adding attribute classification and updating the dynamic attribute. The scheme of the invention greatly improves the encryption and decryption efficiency, the confidentiality of the message and the access control flexibility on the basis of protecting the privacy, so that the practicability of the scheme of the invention is stronger. Therefore, the invention overcomes the defects of the prior art and has good application prospect.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (9)
1. A distributed access control method supporting privacy protection in the Internet of vehicles is characterized by comprising the following steps:
step 1: initializing a global authentication center CA to generate a global public parameter PP and a master key MSK of the system;
step 2: the local authentication center LA initializes and generates its public key PK by using the global public parameter PP obtained in step 1 k And a private key SK k ;
And step 3: data encryption;
firstly, a fuzzy tree access strategy T is established by a data owner Obf Then, the data which needs to be sent is encrypted and calculated to obtain the local ciphertext CT loc And finally CT local cipher text loc Sending the data to a roadside unit RSU for final encryption to obtain a final ciphertext CT;
and 4, step 4: generating a user attribute private key;
the global authentication center CA distributes a static attribute key SK for a user st And certificate Cer Ui Then the local authentication center CA distributes the dynamic attribute key SK for the user dy (ii) a Wherein the static attribute key SK st And a dynamic attribute key SK dy Respectively generating parameters generated in respective initialization stages and attributes of the user;
and 5: decrypting the ciphertext; a legal user initiates an access request to a roadside unit RSU, the roadside unit RSU verifies whether the user attribute meets an access strategy or not by an intelligent contract after receiving the request, then outsourcing decryption is carried out through a part of private keys of the user, and a decrypted ciphertext is sent to the user; and the user receives the intermediate ciphertext and finally decrypts by using the private key of the user.
2. The distributed access control method supporting privacy protection in the Internet of vehicles according to claim 1, characterized in that the specific process steps of the step 1 are as follows:
step 1.1: setting a safety parameter lambda of the system, and selecting multiplication cyclic groups G and G with prime order p in the cyclic domain 1 (ii) a G is a generator of G; e is a bilinear map satisfying e: G × G → G 1 ;
Step 1.2: the system initializes and sets the static attribute set: s st ={x 1 ,x 2 ,x 3 ,...x j …,x n At Z p The method comprises the following steps of randomly selecting three integers of alpha, beta and a, and selecting two collusion-resistant hash functions: h {0,1} * →G 0 ,H 1 :{0,1} * →G 0 And lagrangian coefficient:wherein i, x ∈ Z p ,Z p The method comprises the following steps of (1) representing a modulus p remainder set, wherein l belongs to S, and S is an arbitrary attribute set;
3. The distributed access control method supporting privacy protection in the Internet of vehicles according to claim 2, wherein the specific implementation process of the step 2 is as follows:
each local authentication center LA defines a set of dynamic attributes:and in Z p Selecting random number b from dynamic attribute setSelect any one of the attributes y j (ii) a Local authentication center LA at Z p In the random number v j CalculatingFinally, generating the public key PK of the local authentication center LA k And a private key SK k ;PK k :SK k :
4. The distributed access control strategy for secure sharing of data in the internet of vehicles according to claim 3, wherein: the specific implementation process of the step 3 is as follows:
step 3.1: generating a fuzzy access strategy;
firstly, a data owner establishes a tree access strategy T;
then the data owner is in Z p Selecting h as medium random, calculating g h ,u i =H 1 (a i ),Wherein, a i Is the attribute corresponding to each leaf node in the tree structure;
finally, reuse the obfuscated attribute s i Alternative a i Thereby generating a fuzzy tree access strategy T Obf ;
Step 3.2: calculating a local ciphertext;
firstly, the data owner selects an AES symmetric encryption algorithm with the length of 128 bits to encrypt a message M, an encryption key is Syk, and H is obtained through calculation 1 (SE Syk (M));
Then, the data owner is in Z p In which the number s is chosen as the root nodeA secret value;
next, the data owner accesses the policy T from the fuzzy tree Obf Starting from the root node R, selecting a polynomial q (-) from top to bottom, and setting q R (1)=s 1_1 ,q R (2)=s 2_2 ,s 1_1 Representing a fuzzy tree access policy T Obf Middle subtree T 1 Root node q R (1) The secret value of (a); s 2_2 Respectively representing fuzzy tree access policies T Obf Middle subtree T 2 Root node q R (2) The secret value of (a);
finally, local ciphertext CT is obtained by utilizing common parameter calculation loc :
In the above formula, S 1 Accessing policy T for fuzzy trees Obf Subtree T of 1 The set of static attributes contained in (a); s 2 Accessing policy T for fuzzy trees Obf Subtree T of 2 The set of static attributes contained in (a);
step 3.3: calculating a final ciphertext; the road side unit RSU in charge of the region receives the local ciphertext CT sent by the data owner loc Then, from subtree T 2 Starting from the root node, selecting a polynomial q from top to bottom 2 And computing the final ciphertext CT by using the common parameters:
5. the distributed access control strategy for secure sharing of data in the internet of vehicles according to claim 4, wherein: step 3 further comprises step 3.4: generating a transaction;
6. The distributed access control strategy for secure sharing of data in the internet of vehicles according to claim 5, wherein: the specific implementation process of the step 4 is as follows:
step 4.1: generating a static attribute private key; the global certificate authority CA uses the master key MSK and the public parameter PP and the static attribute set of the userGenerating static Attribute private Key SK st :
In the above formula: z, t, r are all at Z p A randomly selected number;
step 4.2: generating a certificate;
user submits to global certification center CA's own identity ID U The global authentication center CA firstly verifies the validity of the user identity;
finally, the global authentication center CA uses the static attribute private key SK st Value g of (D) βt Sending the data to a local authentication center LA;
step 4.3: generating a dynamic attribute key; the local authentication center LA verifies the credentials of the userIf the certificate is valid, use the local authentication center LA's own public keyKey PK k And a private key SK k And a common parameter PP, a set of dynamic attributesGeneration of dynamic Attribute Key, SK, for A user dy :
In the above formula, m is in Z p Of the first and second sets.
7. The distributed access control strategy for data security sharing in the internet of vehicles according to claim 6, wherein the specific implementation procedure of the step 5 is as follows:
step 5.1: calculating an attribute value; firstly, the user uses its own partial key g ah ,g bh Calculating obfuscated attribute valuesThen will bes i And a certificateTo the roadside units RSU responsible for the area k ;
Step 5.2: outsourcing decryption; RSU responsible for this region k First checking the user credentialsWhether it is recorded on the blockchain, and if not, to verify the user credentials beforeThe effectiveness of (a); after the verification is finished, the intelligent contract which is deployed in advance can be automatically mobilizedAccording to the submitted attribute value s i Judging whether the user is the user meeting the access right, and judging whether the user is in the roadside unit RSU in charge of the area according to the vehicle speed, the distance from the vehicle, the pre-calculation time and the communication speed if the user is the user meeting the access right k An edge of a communication range; if the edge is close, the roadside unit RSU in charge of the area k After pre-decryption, the obtained intermediate ciphertext is directly returned to the roadside unit RSU responsible for the next region k+1 Returning the intermediate ciphertext to the user;
the intermediate ciphertext specifically is:wherein T is Obf ,C=g s Which is a part of the final ciphertext CT,to iterate the computation by lagrange interpolation,
step 5.3: decrypting by the user;
And then calculating the value of the root node: f R =e(g,g) βts ;
Finally, a symmetric key is calculated:
and the message M can be obtained by decryption according to a symmetric encryption algorithm.
8. The distributed access control strategy for the secure sharing of data in the internet of vehicles according to claim 7, wherein: step 5 also includes step 5.4 transaction generation;
9. The distributed access control policy for secure sharing of data in a networked vehicle of claim 8, wherein: the method also comprises the step 6: updating the attribute; the specific implementation process of the step is as follows:
step 6.1: generating an updating key; the local authentication center LA generates three updated keys, UK respectively j→o ,UK no ,UK ct ;
Wherein, UK j→o =v j /v o The private key is updated for the user needing to update the attribute;
step 6.2: updating a private key of a user;
when a user needing attribute updating receives an updating key UK distributed by a local authentication center LA j→o Then to holdThe following calculations are performed:
when the user not needing to update the attribute receives the update key UK distributed by the local authentication center LA no Then the following calculation is performed:
step 6.3: updating the final ciphertext; to ensure that a user newly added to the system can decrypt the original ciphertext, the roadside unit RSU k If the final ciphertext needs to be updated, the following calculation is executed;
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210162394.5A CN115189903B (en) | 2022-02-22 | 2022-02-22 | Distributed access control method supporting privacy protection in Internet of vehicles |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210162394.5A CN115189903B (en) | 2022-02-22 | 2022-02-22 | Distributed access control method supporting privacy protection in Internet of vehicles |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115189903A true CN115189903A (en) | 2022-10-14 |
CN115189903B CN115189903B (en) | 2023-09-15 |
Family
ID=83511933
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210162394.5A Active CN115189903B (en) | 2022-02-22 | 2022-02-22 | Distributed access control method supporting privacy protection in Internet of vehicles |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115189903B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116827696A (en) * | 2023-08-30 | 2023-09-29 | 北京航空航天大学 | Vehicle-mounted network cleanable access control method and system with policy protection |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016197769A1 (en) * | 2015-06-12 | 2016-12-15 | 深圳大学 | Cloud storage ciphertext access control system based on table attributes |
CN110099043A (en) * | 2019-03-24 | 2019-08-06 | 西安电子科技大学 | The hiding more authorization center access control methods of support policy, cloud storage system |
CN112564903A (en) * | 2020-12-08 | 2021-03-26 | 西安电子科技大学 | Decentering access control method for data security sharing in smart power grid |
CN113194078A (en) * | 2021-04-22 | 2021-07-30 | 西安电子科技大学 | Cloud-supported privacy protection sequencing multi-keyword search encryption method |
CN113489733A (en) * | 2021-07-13 | 2021-10-08 | 郑州轻工业大学 | Block chain-based content center network privacy protection method |
-
2022
- 2022-02-22 CN CN202210162394.5A patent/CN115189903B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016197769A1 (en) * | 2015-06-12 | 2016-12-15 | 深圳大学 | Cloud storage ciphertext access control system based on table attributes |
CN110099043A (en) * | 2019-03-24 | 2019-08-06 | 西安电子科技大学 | The hiding more authorization center access control methods of support policy, cloud storage system |
CN112564903A (en) * | 2020-12-08 | 2021-03-26 | 西安电子科技大学 | Decentering access control method for data security sharing in smart power grid |
CN113194078A (en) * | 2021-04-22 | 2021-07-30 | 西安电子科技大学 | Cloud-supported privacy protection sequencing multi-keyword search encryption method |
CN113489733A (en) * | 2021-07-13 | 2021-10-08 | 郑州轻工业大学 | Block chain-based content center network privacy protection method |
Non-Patent Citations (3)
Title |
---|
YAO YU等: ""Privacy Protection Scheme Based on CP-ABE in Crowdsourcing-IoT for Smart Ocean"", 《IEEE INTERNET OF THINGS JOURNAL》, vol. 7, no. 10, XP011813870, DOI: 10.1109/JIOT.2020.2989476 * |
严新成;陈越;翟雨畅;兰巨龙;黄恺翔;: "一种高效的CP-ABE云数据访问控制方案", 小型微型计算机系统, no. 10 * |
李聪;杨晓元;王绪安;: "隐私保护的可验证外包属性基解密方案", 小型微型计算机系统, no. 09 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116827696A (en) * | 2023-08-30 | 2023-09-29 | 北京航空航天大学 | Vehicle-mounted network cleanable access control method and system with policy protection |
CN116827696B (en) * | 2023-08-30 | 2023-12-15 | 北京航空航天大学 | Vehicle-mounted network cleanable access control method and system with policy protection |
Also Published As
Publication number | Publication date |
---|---|
CN115189903B (en) | 2023-09-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Guo et al. | Blockchain meets edge computing: A distributed and trusted authentication system | |
CN111355745B (en) | Cross-domain identity authentication method based on edge computing network architecture | |
Zhang et al. | Data security and privacy-preserving in edge computing paradigm: Survey and open issues | |
CN108833393B (en) | Revocable data sharing method based on fog computing | |
US9646168B2 (en) | Data access control method in cloud | |
AU2003202511B2 (en) | Methods for authenticating potential members invited to join a group | |
Feng et al. | An efficient privacy-preserving authentication model based on blockchain for VANETs | |
Salowey et al. | Specification for the derivation of root keys from an extended master session key (EMSK) | |
CN113783836A (en) | Internet of things data access control method and system based on block chain and IBE algorithm | |
Memon et al. | Design and implementation to authentication over a GSM system using certificate-less public key cryptography (CL-PKC) | |
CN113746632B (en) | Multi-level identity authentication method for Internet of things system | |
CN111147460A (en) | Block chain-based cooperative fine-grained access control method | |
CN114036539A (en) | Safety auditable Internet of things data sharing system and method based on block chain | |
Qin et al. | An ECC-based access control scheme with lightweight decryption and conditional authentication for data sharing in vehicular networks | |
Zhao et al. | A verifiable hidden policy CP‐ABE with decryption testing scheme and its application in VANET | |
CN105721146B (en) | A kind of big data sharing method towards cloud storage based on SMC | |
CN113872760A (en) | SM9 key infrastructure and security system | |
CN113434875A (en) | Lightweight access method and system based on block chain | |
CN115189903B (en) | Distributed access control method supporting privacy protection in Internet of vehicles | |
Zhang et al. | Blockchain-enabled efficient distributed attribute-based access control framework with privacy-preserving in IoV | |
Gao et al. | An anonymous access authentication scheme based on proxy ring signature for CPS-WMNs | |
CN111444268A (en) | Data encryption method based on block chain | |
CN114826716B (en) | Internet of vehicles condition privacy protection method based on certificate-free group signcryption | |
Rasheed et al. | Blockchain-based trust verification and streaming service awareness for big data-driven 5g and beyond vehicle-to-everything (v2x) communication | |
Nayudu et al. | Dynamic Time and Location Information in Ciphertext-Policy Attribute-Based Encryption with Multi-Authorization. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |