CN103297227A - Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy - Google Patents
Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy Download PDFInfo
- Publication number
- CN103297227A CN103297227A CN2013102748648A CN201310274864A CN103297227A CN 103297227 A CN103297227 A CN 103297227A CN 2013102748648 A CN2013102748648 A CN 2013102748648A CN 201310274864 A CN201310274864 A CN 201310274864A CN 103297227 A CN103297227 A CN 103297227A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- attribute
- type
- center
- encipherer
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses attribute-based encryption supporting flexible and direct-revocatory ciphertext policy. The encryption is characterized in that the encryption includes: (1) generating system public keys and main secret keys; (2) generating attributive secret keys; (3) encrypting to generate ciphertext; (4) generating and publishing public parameters by an attribute center; generating ciphertext updating secret keys and transmitting the ciphertext updating secret keys to cloud service providers through secure channels; (5) ciphertext updating procedure; (6) user decrypting procedure. The Attribute-based encryption supporting flexible and direct-revocatory ciphertext policy has the advantages that the size of ciphertext is constant, communication traffic is small, users do not need to update attribute, computation complexity and storage cost are low, users do not need to update secret keys every time, load of authority centers is greatly relieved and the like.
Description
Technical field
The present invention relates to computer realm, be specifically related under a kind of ciphertext strategy of supporting flexibly and directly cancelling the encryption based on attribute.
Background technology
Along with developing rapidly of cloud computing, carrying out data sharing by third party service provider will be more and more economical and convenient.Meanwhile, data-privacy also just becomes the focus that everybody studies with relevant safety problem.
Encryption (ABE) based on attribute is the public key cryptography primitive that application prospect is arranged very much; can be used for realizing the extendible fine-grained access control system at the scale data, in this access control system various and flexibly access rights be authorized to different users.Based on the encryption (ABE) of attribute comprise under the key strategy based under the encryption (KP-ABE) of attribute and the ciphertext strategy based on two types of the encryptions (CP-ABE) of attribute.Especially, make that based on the encryption (CP-ABE) of attribute the data owner can specify access policies under the ciphertext strategy, and under this strategy, data are encrypted.When attribute of user that and if only if satisfied the access strategy of appointment in the ciphertext, the user can decipher given ciphertext.On the other hand, because the user can often change their attribute, and each attribute is shared by a plurality of users, so in encryption (ABE) system based on attribute, the problem of cancelling is very important, but also is very difficult.Any attribute is cancelled event all can have influence on the non-user of cancelling that other share this attribute.
At present, many researchs about voidable CP-ABE scheme have been arranged.Yet, also can not support flexibly based on the encipherment scheme of attribute at present and directly and be applicable to the revocation mechanism of cloud computing environment.
Summary of the invention
In view of the deficiencies in the prior art, encryption based on attribute is provided provide under a kind of ciphertext strategy of supporting flexibly and directly cancelling in the present invention, the present invention supports the mechanism that the fine granularity attribute is cancelled, specifically, after some attribute of a user is cancelled, the access rights that he still can use all the other attributes to have visit some resource, but can not visit again the shared data that are associated with reversed attribute.Simultaneously, an attribute of user cancels the access rights that do not influence the corresponding attribute of other users.The storage of realization data can be adopted the encipherment scheme based on attribute.
To achieve these goals, the technical solution used in the present invention is as follows:
Support flexibly and under the ciphertext strategy of directly cancelling based on the encryption of attribute, described strategy may further comprise the steps:
(1) generation system PKI, master key;
(2) generate the attribute key;
(3) be encrypted, generate ciphertext;
(4) the attribute center generates common parameter, and with its announcement; Generate more new key of ciphertext, and send it to cloud service provider by safe lane;
(5) ciphertext renewal process;
(6) user's decrypting process;
Need to prove that system's PKI of described generation is PK=<g, { u
k}
1≤k≤2n, { g
k}
1≤k≤2m, k ≠ m+1, v 〉; Master key is MK=<{ x
1, x
2..., x
2n, β 〉, wherein, order
Be that rank are the multiplication loop group of prime number p,
Be a bilinearity mapping, define a hash function
A generator is selected at the attribute center
And
For i=1,2 ..., 2n, the order of attribute center
It is also selected
And make v=g
β, the upper bound of total number of users is certain natural number m in the supposing the system, and is simple for explaining, order below
For i=1,2 ..., m, m+2, m+3 ..., 2m, attribute center calculation
Need to prove that described attribute key is
Wherein, the attribute center is selected for the user
Then to i ∈ 1,2 ..., n} calculates
Formula is as follows:
Also calculate at the attribute center
Wherein sn ∈ 1,2 ..., m} is a sequence number, the attribute center represents that with sn the active user is the user of sn adding system.
Need to prove that the ciphertext of described generation has two types, be respectively Type-1 and Type-2, wherein, suppose that up to the present the attribute center discloses N altogether
NowIndividual attribute revocation list,
Formed by all properties revocation list.
Wherein
Be i attribute revocation list, be at the ciphertext strategy
Following encrypting messages
The encipherer calculates
Wherein
Be defined as follows:
For 1≤i≤N
Now, the encipherer use W and
Calling auxiliary function RevoIndex generates
Then calculate
The expression with
In the corresponding attribute revocation information of W, then, the encipherer selects
And calculate M with respect to the ciphertext CT of W
W, as follows:
If
What generate so is the ciphertext of Type-1 type, in this case, does not currently have a revocation information relevant with W, and encipherer's ciphertext is set to CT
W=<W, C
0, C
1, C
2, wherein
C
1=g
s,
If
What generate so is the ciphertext of Type-2 type, and in this case, revocation information up to the present is relevant with W, and the encipherer calculates
With
Then, order
C
1=g
s,
At last, ciphertext is
Need to prove that described ciphertext is upgraded and can be generated two types ciphertext: Type-3 and Type-4 wherein, generate the ciphertext of Type-3 and Type-4 respectively after the Type-1 that is produced by the encipherer and the ciphertext of Type-2 are updated.
Beneficial effect of the present invention is that the present invention only needs server to handle containing those ciphertexts of being cancelled attribute, thereby greatly reduces computation complexity and storage cost.Simultaneously, other validated users do not need all to carry out each time key updating yet, and this has alleviated the burden at attribute authority (aa) center.In order further to raise the efficiency, we also introduce the open parameter that hash function comes generation system, thereby make that the size of system parameters can the linear increase along with the increase of system property number.The present invention also can be used for fine-grained access control.
To sum up, the present invention has the ciphertext constant magnitude, and the traffic is little, does not need the user to carry out attribute and upgrades, and computation complexity and storage cost are little, does not need user's new key more all each time, has alleviated the advantages such as burden at authoritative center greatly.
Embodiment
To be further described the present invention below.
Need to prove, for a better understanding of the present invention, do following the description earlier:
1, attribute and access structure
Suppose to have in the attribute space n attribute, i.e. u={ ω
1, ω
2..., ω
n, wherein n is a definite natural number.Each attribute ω
iThree kinds of situations are arranged: just
Negative
" unimportant ",
The expression user has attribute ω
i,
The expression user does not have attribute ω
iPerhaps ω
iIt or not user's a correct attribute.Consider that access structure W is by single constituting with door of positive attribute and negative attribute, namely
Wherein
Be the index of the community set of appointment among the W,
Be
Or
If certain attribute with door in do not occur, namely this attribute is " unimportant ".It should be noted that
And if only if ω
i∈ S works as
The time,
When
The time, wherein
2, auxiliary function
We introduce an auxiliary function RevoIndex and go to check whether access structure W is subjected to the attribute revocation list
Influence.In other words be exactly, we can decide when k attribute cancelled the event generation according to auxiliary function RevoIndex, and whether the ciphertext under the access structure W needs to upgrade.Detail is as follows:
Give fixed system PKI PK, access structure W, attribute revocation list
Auxiliary function is inferred indexed set
When namely k cancelled event and takes place, the user relevant with access structure W collected.
Wherein
u
(k)Be the property set that has cancelled at the attribute center,
Expression when k attribute cancelled, the user's that attribute ω has been cancelled by the attribute center indexed set.Especially,
With
Representative respectively
Middle attribute ω value is ω
+And ω
-The user.Order
Auxiliary function RevoIndex returns then
Wherein work as
The time
When
The time
Suppose
If
So, even k attribute cancelled, the ciphertext under the access structure W can not be updated yet.Otherwise,
Ciphertext under the access structure W can be upgraded by the attribute center, thus make by
The user of appointment can not visit the data of these ciphertext correspondences again.
Specific implementation process of the present invention is:
(1) generation system PKI, master key; (1
λ): order
Be that rank are the multiplication loop group of prime number p,
It is a bilinearity mapping.Define a hash function
A generator is selected at the attribute center
And
For i=1,2 ..., 2n, the order of attribute center
It is also selected
And make v=g
βThe upper bound of total number of users is certain natural number m in the supposing the system.Simple for explaining, order below
For i=1,2 ..., m, m+2, m+3 ..., 2m, attribute center calculation
The PKI of system is PK=<g, { u
k}
1≤k≤2n, { g
k}
1≤k≤2m,
K ≠ m+1, v}.Master key is MK=<{ x
1, x
2..., x
2n, β }.
(2) generate the attribute key; (S): S is the attribute of user set that has the respective attributes key for PK, MK.The attribute center is selected for the user
Then to i ∈ 1,2 ..., n} calculates
As follows:
Also calculate at the attribute center
Wherein sn ∈ 1,2 ..., m} is a sequence number.Notice that the attribute center represents that with sn the active user is the user of sn adding system.At last, corresponding attribute key is
(3) be encrypted, generate ciphertext;
This cryptographic algorithm can generate two types ciphertext: Type-1 and Type-2.Suppose that up to the present the attribute center discloses N altogether
NowIndividual attribute revocation list,
Formed by all properties revocation list.
Wherein
Be i attribute revocation list.Will be at the ciphertext strategy
Following encrypting messages
The encipherer calculates
Wherein
Be defined as follows:
In addition, for 1≤i≤N
Now, the encipherer use W and
Calling auxiliary function RevoIndex generates
Then calculate
The expression with
In the corresponding attribute revocation information of W.Then, the encipherer selects
And calculate M with respect to the ciphertext CT of W
W, as follows:
If
What generate so is the ciphertext of Type-1 type.In this case, currently do not have a revocation information relevant with W, encipherer's ciphertext is set to CT
W=<W, C
0, C
1, C
2, wherein
C
1=g
s,
If
What generate so is the ciphertext of Type-2 type.In this case, revocation information up to the present is relevant with W, and the encipherer calculates
With
Then, order
C
1=g
s,
At last, ciphertext is
(4) the attribute center generates common parameter, and with its announcement; Generate more new key of ciphertext, and send it to cloud service provider by safe lane;
The attribute center is selected
Make more new key UK of ciphertext
(k)=uk
(k)β calculates common parameter
Then, PP is issued at public notice board in the attribute center
(k), and by safe lane UK
(k)Send to cloud service provider.
(5) ciphertext renewal process;
This algorithm can generate two types ciphertext: Type-3 and Type-4.Particularly, generate the ciphertext of Type-3 and Type-4 after the ciphertext of the Type-1 that is produced by the encipherer and Type-2 is updated respectively.For according to k attribute revocation list
Upgrade ciphertext CT
W, we below will be according to CT
WThe difference of type divides four kinds of situations to discuss.
First kind of situation: CT
W=<W, C
0, C
1, C
2, i.e. CT
WIt is the Type-1 type ciphertext that is generated by the encipherer.In this case, we know k=1.To 1≤i≤k, cloud service provider is calculated
Subsequently, its order
Wherein
Then, if
Ciphertext just there is no need to be updated so.Otherwise,
Cloud service provider is calculated so
Then, order
And
Wherein
At last, the ciphertext of renewal is
Be Type-3 type ciphertext.
Second kind of situation:
Be CT
WIt is the Type-2 type ciphertext that is generated by the encipherer.Suppose
We know j 〉=1 and k=j+1.In this case, cloud service provider is the same with first kind of situation, generates the ciphertext assembly
With
At last, the ciphertext of renewal is
Be Type-4 type ciphertext.
The third situation:
Be CT
WIt is the Type-3 type ciphertext that is generated by cloud service provider.In this case, we know k 〉=2.The renewal process of ciphertext is as follows.To 1≤i≤k, cloud service provider is calculated:
Subsequently, order
Then, if
Then ciphertext there is no need to be updated.Otherwise,
Then cloud service provider is calculated
Then,
Wherein
The 4th kind of situation:
Be CT
WIt is the Type-4 type ciphertext that is generated by cloud service provider.Suppose
We know j 〉=1 and k 〉=j+2.In this case, cloud service provider is the same with the third situation, upgrades ciphertext assembly C
0With
At last, the ciphertext of renewal is
This ciphertext remains Type-4 type ciphertext.
(6) user's decrypting process; (PK, PP, CT
W, SK
S): the user can use key
Remove decrypting ciphertext CT
WIf
Then algorithm returns ⊥.Otherwise,
Then according to CT
WThe difference of type divide four kinds of situations to discuss.
First kind of situation: for Type-1 type ciphertext CT
W=<W, C
0, C
1, C
2, the user calculates
Can decrypt message according to following formula (1) then:
Second kind of situation: for Type-2 type ciphertext
Suppose
J 〉=1 wherein.Then, to 1≤i≤j, the user calculates
Next,
If
Algorithm returns ⊥.Otherwise the user calculates
With
At last, can decrypt message according to following formula (2).
The third situation: ciphertext
It is Type-3 type ciphertext.Suppose
It is the up-to-date revocation list of being announced by the attribute center.To 1≤i≤N
Now, the user calculates
Then,
If
Then algorithm returns ⊥.Otherwise the user calculates
With
At last, can decrypt message according to following formula (3).
The 4th kind of situation: for Type-4 type ciphertext
Suppose
With
Be the up-to-date revocation list of being announced by the attribute center, wherein j 〉=1 and j+1≤N
NowThen, to 1≤i≤N
Now, the user calculates
Next,
Then, if
Then algorithm returns ⊥.Otherwise the user calculates
At last, can decrypt message according to following formula (4):
For a person skilled in the art, can make other various corresponding changes and distortion according to technical scheme described above and design, and these all changes and distortion should belong within the protection range of claim of the present invention all.
Claims (5)
1. support flexibly and under the ciphertext strategy of directly cancelling based on the encryption of attribute, it is characterized in that described strategy may further comprise the steps:
(1) generation system PKI, master key;
(2) generate the attribute key;
(3) be encrypted, generate ciphertext;
(4) the attribute center generates common parameter, and with its announcement; Generate more new key of ciphertext, and send it to cloud service provider by safe lane;
(5) ciphertext renewal process;
(6) user's decrypting process.
2. ciphertext strategy according to claim 1 is characterized in that, system's PKI of described generation is PK=<g, { u
k}
1≤k≤2n, { g
k}
1≤k≤2m, k ≠ m+1, v 〉; Master key is MK=<{ x
1, x
2..., x
2n, β 〉, wherein, order
Be that rank are the multiplication loop group of prime number p,
Be a bilinearity mapping, define a hash function
A generator is selected at the attribute center
And
For i=1,2 ..., 2n, the order of attribute center
It is also selected
And make v=g
β, the upper bound of total number of users is certain natural number m in the supposing the system, and is simple for explaining, order below
For i=1,2 ..., m, m+2, m+3 ..., 2m, attribute center calculation
3. ciphertext strategy according to claim 1 is characterized in that, described attribute key is
Wherein, the attribute center is selected for the user
Then to i ∈ 1,2 ..., n} calculates
Formula is as follows:
4. ciphertext strategy according to claim 1 is characterized in that, the ciphertext of described generation has two types, is respectively Type-1 and Type-2, wherein, supposes that up to the present the attribute center discloses N altogether
NowIndividual attribute revocation list,
Formed by all properties revocation list.
Wherein
Be i attribute revocation list, be at the ciphertext strategy
Following encrypting messages
The encipherer calculates
Wherein
Be defined as follows:
For 1≤i≤N
Now, the encipherer use W and
Calling auxiliary function RevoIndex generates
Then calculate
The expression with
In the corresponding attribute revocation information of W, then, the encipherer selects
And calculate M with respect to the ciphertext CT of W
W, as follows:
If
What generate so is the ciphertext of Type-1 type, in this case, does not currently have a revocation information relevant with W, and encipherer's ciphertext is set to CT
W=<W, C
0, C
1, C
2, wherein
C
1=g
s,
5. ciphertext strategy according to claim 1, it is characterized in that, described ciphertext is upgraded and can be generated two types ciphertext: Type-3 and Type-4 wherein, generate the ciphertext of Type-3 and Type-4 respectively after the Type-1 that is produced by the encipherer and the ciphertext of Type-2 are updated.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310274864.8A CN103297227B (en) | 2013-07-02 | 2013-07-02 | Support flexibly and based on the encryption of attribute under the Ciphertext policy of directly cancelling |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310274864.8A CN103297227B (en) | 2013-07-02 | 2013-07-02 | Support flexibly and based on the encryption of attribute under the Ciphertext policy of directly cancelling |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103297227A true CN103297227A (en) | 2013-09-11 |
CN103297227B CN103297227B (en) | 2016-03-23 |
Family
ID=49097585
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310274864.8A Active CN103297227B (en) | 2013-07-02 | 2013-07-02 | Support flexibly and based on the encryption of attribute under the Ciphertext policy of directly cancelling |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103297227B (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104113408A (en) * | 2014-07-11 | 2014-10-22 | 西安电子科技大学 | Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption |
CN104618419A (en) * | 2014-08-02 | 2015-05-13 | 江苏物泰信息科技有限公司 | Scheme based on content sharing policy in cloud |
CN104780179A (en) * | 2015-05-07 | 2015-07-15 | 浙江工商大学 | Secrete key strategy attribute encryption method capable of hiding attributes |
CN105187201A (en) * | 2015-07-13 | 2015-12-23 | 西安理工大学 | Attribute encryption method capable of revoking key policies of two attributes |
CN105978895A (en) * | 2016-06-28 | 2016-09-28 | 电子科技大学 | Attribute-based encryption scheme supporting non-monotonic access structure and fine-granularity cancellation |
CN107005406A (en) * | 2014-12-05 | 2017-08-01 | 三菱电机株式会社 | Encryption system, master key updating device and master key more new procedures |
CN108880801A (en) * | 2018-07-09 | 2018-11-23 | 西南交通大学 | The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice |
CN110011963A (en) * | 2019-02-27 | 2019-07-12 | 西安电子科技大学 | The information processing method with the more authorization CP-ABE effectively cancelled based on OBDD |
CN113055168A (en) * | 2021-03-29 | 2021-06-29 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
CN115189974A (en) * | 2022-09-13 | 2022-10-14 | 北京邮电大学 | Multi-organization access control method and device based on block chain |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111835516B (en) * | 2020-06-14 | 2021-11-23 | 西安电子科技大学 | Public key repudiatable encryption method and system |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916954A (en) * | 2012-10-15 | 2013-02-06 | 南京邮电大学 | Attribute-based encryption cloud computing safety access control method |
CN103179114A (en) * | 2013-03-15 | 2013-06-26 | 华中科技大学 | Fine-grained access control method for data in cloud storage |
-
2013
- 2013-07-02 CN CN201310274864.8A patent/CN103297227B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916954A (en) * | 2012-10-15 | 2013-02-06 | 南京邮电大学 | Attribute-based encryption cloud computing safety access control method |
CN103179114A (en) * | 2013-03-15 | 2013-06-26 | 华中科技大学 | Fine-grained access control method for data in cloud storage |
Non-Patent Citations (6)
Title |
---|
张荣刚: "基于属性的加密及其应用研究", 《中国硕士学位论文全文数据库信息科技辑》, 30 December 2012 (2012-12-30), pages 136 - 75 * |
王鹏翩等: "一种支持完全细粒度属性撤销的CP_ABE方案", 《软件学报》, vol. 23, no. 10, 15 October 2012 (2012-10-15), pages 2805 - 2816 * |
罗颂等: "新型自适应安全的密钥策略ABE方案", 《通信学报》, vol. 33, no. 1, 25 September 2012 (2012-09-25), pages 270 - 275 * |
苏金树等: "属性基加密机制_ 2011年06期", 《软件学报》, vol. 22, no. 6, 7 March 2011 (2011-03-07), pages 1299 - 1315 * |
郭振洲: "基于属性的加密方案的研究", 《中国优秀博士学位论文全文数据库信息科技辑》, 30 September 2012 (2012-09-30), pages 138 - 7 * |
黄杜煜等: "一个适应性安全的支持用户私钥撤销的KP_ABE方案", 《小型微型计算机系统》, vol. 33, no. 10, 15 October 2012 (2012-10-15), pages 2194 - 2198 * |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104113408B (en) * | 2014-07-11 | 2017-12-08 | 西安电子科技大学 | It is a kind of realize the revocation of timely user property based on ciphertext policy ABE encryption method |
CN104113408A (en) * | 2014-07-11 | 2014-10-22 | 西安电子科技大学 | Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption |
CN104618419A (en) * | 2014-08-02 | 2015-05-13 | 江苏物泰信息科技有限公司 | Scheme based on content sharing policy in cloud |
CN107005406B (en) * | 2014-12-05 | 2020-07-17 | 三菱电机株式会社 | Function type encryption system, master key updating device and storage medium |
CN107005406A (en) * | 2014-12-05 | 2017-08-01 | 三菱电机株式会社 | Encryption system, master key updating device and master key more new procedures |
CN104780179A (en) * | 2015-05-07 | 2015-07-15 | 浙江工商大学 | Secrete key strategy attribute encryption method capable of hiding attributes |
CN105187201A (en) * | 2015-07-13 | 2015-12-23 | 西安理工大学 | Attribute encryption method capable of revoking key policies of two attributes |
CN105187201B (en) * | 2015-07-13 | 2019-04-26 | 深圳市恒源昊信息科技有限公司 | The encryption attribute method of the key strategy of revocable two attributes |
CN105978895A (en) * | 2016-06-28 | 2016-09-28 | 电子科技大学 | Attribute-based encryption scheme supporting non-monotonic access structure and fine-granularity cancellation |
CN108880801A (en) * | 2018-07-09 | 2018-11-23 | 西南交通大学 | The distributed nature base encryption method of fine granularity attribute revocation is supported on a kind of lattice |
CN108880801B (en) * | 2018-07-09 | 2020-11-27 | 西南交通大学 | Distributed attribute-based encryption method for supporting fine-grained attribute revocation in lattice manner |
CN110011963A (en) * | 2019-02-27 | 2019-07-12 | 西安电子科技大学 | The information processing method with the more authorization CP-ABE effectively cancelled based on OBDD |
CN113055168A (en) * | 2021-03-29 | 2021-06-29 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
CN113055168B (en) * | 2021-03-29 | 2022-06-24 | 陕西师范大学 | Ciphertext strategy attribute encryption method supporting strategy hiding and attribute updating |
CN115189974A (en) * | 2022-09-13 | 2022-10-14 | 北京邮电大学 | Multi-organization access control method and device based on block chain |
Also Published As
Publication number | Publication date |
---|---|
CN103297227B (en) | 2016-03-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103297227B (en) | Support flexibly and based on the encryption of attribute under the Ciphertext policy of directly cancelling | |
Li et al. | An efficient attribute-based encryption scheme with policy update and file update in cloud computing | |
Wang et al. | New directly revocable attribute-based encryption scheme and its application in cloud storage environment | |
Li et al. | User collusion avoidance CP-ABE with efficient attribute revocation for cloud storage | |
Yang et al. | Extended proxy-assisted approach: Achieving revocable fine-grained encryption of cloud data | |
Ruj et al. | DACC: Distributed access control in clouds | |
Han et al. | Efficient and robust attribute-based encryption supporting access policy hiding in Internet of Things | |
Ali et al. | Lightweight revocable hierarchical attribute-based encryption for internet of things | |
Fan et al. | TraceChain: A blockchain‐based scheme to protect data confidentiality and traceability | |
Fan et al. | Cross-domain based data sharing scheme in cooperative edge computing | |
Li et al. | Large universe decentralized key‐policy attribute‐based encryption | |
CN106612271A (en) | Encryption and access control method for cloud storage | |
Balamurugan et al. | Extensive survey on usage of attribute based encryption in cloud | |
CN107040374A (en) | The attribute base data encryption method of user's Dynamic Revocation is supported under a kind of cloud storage environment | |
Touati et al. | Efficient cp-abe attribute/key management for iot applications | |
Liu et al. | Dynamic attribute-based access control in cloud storage systems | |
Guo et al. | Hierarchical attribute‐based encryption with continuous auxiliary inputs leakage | |
Pervez et al. | SAPDS: self-healing attribute-based privacy aware data sharing in cloud | |
Zhang et al. | A traceable and revocable multiauthority attribute-based encryption scheme with fast access | |
Ragesh et al. | Cryptographically enforced data access control in personal health record systems | |
CN110611571A (en) | Revocable access control method of smart grid system based on fog | |
He et al. | Efficient fine-grained access control for secure personal health records in cloud computing | |
Ding et al. | Policy based on homomorphic encryption and retrieval scheme in cloud computing | |
Wu et al. | Attribute-based data access control scheme with secure revocation in fog computing for smart grid | |
Bai et al. | Cross-domain access control based on trusted third-party and attribute mapping center |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |