CN103391192A - Cross-safety-domain access control system and method based on privacy protection - Google Patents

Publication number: CN103391192A
Authority: CN (China)
Prior art keywords: access control, service requester, isp, security domain, domain access
Legal status: Granted, Active
Application number: CN2013102983667A
Other languages: Chinese (zh)
Other versions: CN103391192B (en)
Inventors: 黄秀丽, 林为民, 张涛, 马媛媛, 王玉斐, 邓松, 华晔
Current Assignee: State Grid Corp of China SGCC; China Electric Power Research Institute Co Ltd CEPRI; Smart Grid Research Institute of SGCC
Original Assignee: State Grid Corp of China SGCC; China Electric Power Research Institute Co Ltd CEPRI
Application filed by: State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI
Priority: CN201310298366.7A
Granted publication: CN103391192B

Abstract

The invention relates to a control system and method in the field of information security, and in particular to a cross-security-domain access control system and method based on privacy protection. The control system comprises an authorization server, a service provider and a service requester. The control method adopts a privacy protection mechanism: cross-security-domain access control is fused with the privacy protection mechanism during system initialization, authorization assignment, policy formulation, encryption, and message recovery and verification. This protects the requester's privacy information and solves the problem of service requester privacy leakage in cross-security-domain access control. With this control system and method, the privacy of the service requester is protected, the degree of information disclosure is reduced, leakage of sensitive information is avoided, and the privacy security of the service requester is achieved.

Description

A cross-security-domain access control system based on privacy protection and control method thereof
Technical field
The present invention relates to a control system and control method in the field of information security, and specifically to a cross-security-domain access control system based on privacy protection and its control method.
Background art
With the rapid development and widespread adoption of computer and network technology, geographically dispersed organizations now interact and cooperate remotely and dynamically over computer networks, and network-based activities such as e-commerce, e-government and online research are gradually becoming the mainstream application model. Large-scale, network-based, cross-domain, multi-organization information systems are open, distributed and dynamic, so cross-domain access control is characterized by distributed resources, dynamic activity and subjects that cannot be known in advance. How to control the service provider's resources effectively while protecting the privacy of the service requester in cross-domain access control has become an important research topic in information security.
In a distributed access control model, the service requester usually discloses a large amount of information, such as attributes, to the service provider, so that the service provider can grant permissions to the service requester based on that attribute information and its control policy. But disclosing a large amount of attribute information easily leads to privacy leakage, which brings hidden dangers and risks to the service requester. Studying cross-security-domain access control methods that protect the privacy information of the service requester is therefore significant in multi-domain interoperation environments.
At present, the attribute-based usage control model UCON (Usage Control) is an important research direction in the access control field. UCON extends traditional access control: it defines three decision factors (authorization, obligation and condition) and proposes two important properties of access control, continuity and mutability. In traditional access control, the authorization decision is made before the access operation is executed. Modern access control includes applications that require relatively long-lived use of a resource or immediate revocation of usage rights, which requires real-time monitoring of the access request throughout the use of the resource; this feature is called "continuity". In addition, in traditional access control, attributes can be modified only through administrative actions, yet in many applications attributes have to be modified as a result of the subject's behavior. Updates to mutable attributes may occur before the resource is used, during use, or after use has completed; this feature is called "mutability". Continuity control and mutable attributes make history-based authorization decisions easier to implement.
The security of an access control model is evaluated in three respects: confidentiality, integrity and availability. Confidentiality means ensuring that information is not disclosed to unauthorized persons. Integrity means preventing arbitrary creation, modification and deletion of information, and ensuring that information is delivered undistorted from the true source to the true sink and cannot be duplicated. Availability means that the information system should provide service to authorized users at any time, preventing denial of service caused by viruses or attacks and preventing use by adversaries. To solve security problems in the distributed access control model, such as the subject verifying the object's identity, the security and reliability of the communication channel, and the object verifying that the resources provided by the subject are complete and genuine, a series of access control policies must be adopted when the system is designed in order to achieve secure access control. In existing distributed access control mechanisms, the service requester discloses a large number of attributes to the resource owner in order to gain access. These attributes usually contain a large amount of private information, and in a cross-domain secure access control environment the service requester's privacy cannot be protected effectively.
Summary of the invention
In view of the deficiencies of the prior art, the invention provides a cross-security-domain access control system based on privacy protection; another object is to provide a cross-security-domain access control method based on privacy protection. The invention solves the problem of service requester privacy leakage in cross-security-domain access control. The control method of the invention is a policy-based method; the technical solution provided by the invention protects the privacy of the service requester, reduces the degree of information disclosure, prevents leakage of sensitive information, and achieves the privacy security of the service requester.
The object of the invention is achieved by the following technical solution:
The invention provides a cross-security-domain access control system based on privacy protection, the improvement being that the system comprises an authorization server, a service provider and a service requester; the authorization server exchanges data with the service requester and with the service provider, and the service requester and the service provider exchange data with each other.
Wherein, the authorization server assigns authorization to the service requester, distributes public and private keys to both the service requester and the service provider, and fuses the security-domain access control process with the privacy protection mechanism; the authorization server comprises a key store, an attribute store and a policy store.
Wherein, the key store holds the authorization public key of the service requester and the encryption key of the service provider; the attribute store holds the attribute information of the service provider module and the service requester module; the policy store holds the decision policies of the system; the key store, attribute store and policy store all support adding, deleting, searching and backing up the stored information.
Wherein, the service provider is a passive entity that accepts access by subjects as prescribed by the permission set; it comprises a policy extraction module and an encryption module;
The policy extraction module performs policy extraction by sending object attributes; the encryption module is responsible for encrypting information, which includes the access control policy set for the resource.
Wherein, the service requester is an active entity that has usage rights over the service provider; it comprises an authorization application module and a decryption module;
The authorization application module applies for permissions by sending subject attributes; the decryption module is responsible for decrypting information.
Based on another object, the invention provides a cross-security-domain access control method based on privacy protection, the improvement being that the method adopts a privacy protection mechanism and comprises the following steps:
(1) The privacy-protection-based cross-security-domain access control system is initialized;
(2) The service requester sends its identifier ID to the authorization server to request an authorization credential;
(3) The authorization server analyzes, according to the service requester's identifier ID, the attribute set that the service requester holds;
(4) The authorization server computes the authorized decryption key component and sends it to the service requester;
(5) The service provider sends all attribute identifiers related to its local policy to the authorization server;
(6) The authorization server computes the policy encryption key component and sends it to the service provider;
(7) The service requester initiates a service request to the service provider;
(8) The service provider computes the service requester's authorized decryption key component, randomly chooses an intermediate variable, and sets $u = H_3(\sigma, m)$;
(9) The service provider extracts the policy expression according to the requested resource identifier and determines the number of tuple elements of the ciphertext;
(10) The ciphertext is determined, and the encrypted resource response information is sent to the service requester;
(11) The service requester extracts the policy expression from the resource response information, determines the number of tuple elements of the ciphertext, and checks whether the first tuple element of the ciphertext belongs to the additive cyclic group;
(12) The service requester constructs the key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item;
(13) The service requester repeatedly computes and verifies $U = uP$;
(14) The service requester outputs the plaintext using the decryption key component.
Wherein, in step (1), system initialization is performed by the authorization server and comprises: given a security parameter $k \in Z^+$, input k to produce a large prime q; select a supersingular elliptic curve E/GF(p) on which the BDH problem is hard, and from E/GF(p) generate two groups $G_1$ and $G_2$ of order q, where $G_1$ is an additive cyclic group and $G_2$ is a multiplicative cyclic group, with a bilinear map
Figure BDA00003520782200031
Randomly choose an intermediate variable $P \in G_1$; choose a random number
Figure BDA00003520782200032
and hash functions
Figure BDA00003520782200033
$H_2: G_2 \to \{0,1\}^n$, $n \in Z^+$,
Figure BDA00003520782200034
$H_4: \{0,1\}^n \to \{0,1\}^n$ ($n \in Z^+$);
Construct the plaintext space $M = \{0,1\}^n$ and the ciphertext space
Figure BDA00003520782200037
The system parameters are $params = \langle q, G_1, G_2, \hat{e}, n, P, H_1, H_2, H_3, H_4 \rangle$, and the master key is $s \in Z_q^*$.
Wherein, in step (2), the identifier ID ranges over $ID \in \{0,1\}^*$. In step (3), the attribute set is denoted $\{a_1, a_2, \ldots, a_m\}$.
Wherein, in step (4), the authorization server computes
Figure BDA00003520782200041
and
Figure BDA00003520782200042
and sends the set
Figure BDA00003520782200043
to the service requester. The set
Figure BDA00003520782200044
is the authorized decryption key component that the authorization server distributes to the service requester, who uses it to decrypt the protected information provided the access control policy is satisfied. (The access control policy is formulated by the resource owner and has little to do with this algorithm; it specifies which attributes a user must hold in order to access a resource with which attributes, and belongs to policy formulation in the UCON access control method.)
Wherein, in step (5), the attribute identifiers are denoted $\{a_1, a_2, \ldots, a_n\}$.
Wherein, in step (6), the authorization server computes
Figure BDA00003520782200045
and sends the set to the service provider. The set
Figure BDA00003520782200047
is the authorized encryption key component that the authorization server distributes to the service provider; $G_1$ denotes the additive cyclic group generated from the supersingular curve, and P denotes the randomly chosen intermediate variable, $P \in G_1$;
Figure BDA000035207822000416
denotes the factor in the formula for computing the authorized encryption key component.
Wherein, in step (7), the service request is denoted $\langle ID, SID \rangle$, where SID is the resource identifier.
Wherein, in step (8), the service provider computes the service requester's authorized decryption key component and randomly chooses an intermediate variable $\sigma \in (0,1)^n$, setting $u = H_3(\sigma, m)$.
Wherein, in step (9), the service provider extracts the policy expression $\{a_{i,1} \wedge \ldots \wedge a_{i,m}\}$ according to the requested resource identifier SID (each component of the expression is an attribute, and the expression states which combination of attributes must be held in order to gain access), and for each policy expression determines the corresponding tuple element of the ciphertext
Figure BDA00003520782200049
Wherein: denotes the encryption component.
Each resource has many policy expressions, and satisfying any one of them grants the corresponding permission. A ciphertext tuple element is computed for each policy expression, and the tuple elements computed from all policy expressions together form the ciphertext.
Wherein, in step (10), choose a positive integer
Figure BDA000035207822000411
Determine the ciphertext $C = \langle uP, \sigma \oplus H_2(g_1^z), \ldots, \sigma \oplus H_2(g_k^z), m \oplus H_4(\sigma) \rangle$ (
Figure BDA000035207822000415
is the XOR operation), $g_i = \hat{e}(Q_{ID}, e_i) \in G_2^*$, $i = 1, \ldots, k$, and send the encrypted resource response information $\langle Policy, C \rangle$ to the service requester;
Figure BDA000035207822000414
denotes the hash space of the hash function $H_3$; Policy is the access policy of the resource.
Wherein, in step (11), the number of tuple elements of the ciphertext C is k; let $C = \langle U, V_1, \ldots, V_k, W \rangle$. When the first tuple element of the ciphertext belongs to the additive cyclic group, namely
Figure BDA00003520782200051
proceed to step (12); when the first tuple element of the ciphertext does not belong to the additive cyclic group, namely
Figure BDA00003520782200052
reject the ciphertext.
Wherein, in step (12), the attribute combination of the policy sub-item is
Figure BDA00003520782200053
The coefficients of the decryption key component and of the encryption key component are both denoted $\{a_1, a_2, \ldots, a_m\}$; the upper limits n and m denote the number of attributes. This causes no confusion, because attributes are classified uniformly and some attributes can be held by both the user and the service side. The attribute set gives the coefficients of the decryption key component and the encryption key component,
Figure BDA00003520782200054
denotes the encryption component, and
Figure BDA00003520782200055
denotes the decryption component.
Wherein, in step (13), the service requester repeatedly computes $u = H_3(\sigma, m)$ and verifies $U = uP$. If $U = uP$, the verification succeeds and the method proceeds to step (14); otherwise the ciphertext is rejected. U denotes the first tuple element of the ciphertext C.
Wherein, steps (2) to (4) run in parallel with steps (5) to (6).
Compared with the prior art, the beneficial effects achieved by the invention are:
The control method provided by the invention is a policy-based method. Through a new cross-security-domain access control method based on privacy protection, it solves the problem of service requester privacy leakage in cross-security-domain access control, protects the privacy of the service requester, reduces the degree of information disclosure, prevents leakage of sensitive information, and achieves the privacy security of the service requester. Specifically:
1. Authorization server module:
The authorization server module comprises three parts: a key store, an attribute store and a policy store. The key store holds the authorization public key of the service requester and the encryption key of the service provider. The attribute store holds the attribute information of all parties in the system. The policy store holds the decision policies of the system. The key store, attribute store and policy store all support basic functions such as adding, deleting, searching and backing up the stored information, effectively meeting the access control process's requirements on information sources.
2. Service provider module:
The service provider module comprises a policy extraction module and an encryption module. The policy extraction module performs policy extraction by sending object attributes. The encryption module is responsible for encrypting information, which includes the access control policy set for the resource. The service provider's encryption operation embeds the policy in the encryption key, which embodies the access control rules set for the resource, and data security is effectively protected at the same time.
3. Service requester module:
The service requester module comprises an authorization application module and a decryption module. The authorization application module applies for permissions by sending subject attributes. The decryption module is responsible for decrypting information, which is equivalent to the consistency verification process in access control. The service requester's decryption process embeds the individual's authorization assignment in the decryption key, which embodies the consistency check between the access control policy and the attributes the user holds; the decryption operation thus completes the consistency verification of access control.
4. Privacy protection algorithm:
The privacy protection algorithm maps the authorization credential to the decryption key component and constructs the encryption key component from the policy expression. Decryption is possible if and only if the requester holds the decryption key corresponding to the encryption key, which achieves the security goal that the service provider learns as little of the requester's information as possible while the requester obtains legitimate access rights. During system initialization, authorization assignment, policy customization, encryption, and message recovery and verification, the privacy protection algorithm fuses cross-security-domain access control with the privacy protection mechanism, protects the requester's privacy information, and solves the problem of service requester privacy leakage in cross-security-domain access control.
Description of the drawings
Fig. 1 is a structure diagram of the cross-security-domain access control system based on privacy protection provided by the invention;
Fig. 2 is a flow chart of the cross-security-domain access control method based on privacy protection provided by the invention.
Embodiments
The specific embodiments of the invention are described in further detail below with reference to the drawings.
The privacy protection mechanism builds on the usage control model and combines it with identity-based encryption to achieve privacy in cross-domain access control. The mechanism has five parts: system initialization, authorization assignment, policy customization and response, encryption, and message recovery and verification. The mechanism describes policy expressions with Boolean attribute variables and converts them into disjunctive normal form, forming a mapping between access control decisions and the value of the policy's Boolean expression. The service provider embeds the policy in the public key used to encrypt the information, and the requester decrypts the message with a decryption key that embodies the authorization assignment; decryption is possible if and only if the requester holds the private key corresponding to the encryption public key. The mechanism does not reveal sensitive user information and effectively protects the privacy of the service requester.
The cross-security-domain access control method based on privacy protection mainly considers two aspects: (1) the design of the access control system structure; (2) the design of the privacy protection mechanism. The privacy protection mechanism design mainly comprises four stages: system initialization, public and private key extraction, encryption, and decryption. It mainly refers to the design of the privacy algorithm flow, and chiefly considers how the authorization server assigns authorizations and distributes private and public keys, together with the encryption and decryption problems, completing a straightforward verification of the policy and the privacy protection of the requester.
I. System structure:
The structure of the cross-security-domain access control system based on privacy protection provided by the invention is shown in Fig. 1. It comprises three parts: the authorization server module, the service provider module and the service requester module. In the figure, the authorization server is the core of the system: it handles the assignment of authorization to the service requester and the distribution of public and private keys to both the service requester and the service provider, and fuses the cross-security-domain access control process with the privacy protection mechanism. The invention introduces a privacy protection mechanism into cross-security-domain access control interactions, effectively protecting the privacy of the service requester in a cross-security-domain access control environment. The authorization server exchanges data with the service requester and with the service provider, and the service requester and the service provider exchange data with each other.
The parts are described below:
Authorization server module: the authorization server module comprises three parts, a key store, an attribute store and a policy store. The key store holds the authorization key of the service requester and the encryption key of the service provider. The attribute store holds attribute information. The policy store holds the decision policies of the system; it is based on the three decision factors of authorization, obligation and condition and, combined with continuity and mutable attributes, defines a policy model for access control. The key store, attribute store and policy store all support basic functions such as adding, deleting, searching and backing up the stored information.
Service provider module: the service provider module is a passive entity (the object) that accepts access by subjects as prescribed by the permission set. An object can be a collection such as the information, files or records used in a workflow system, or it can be a hardware device on the network, a terminal in wireless communication, and so on. The service provider module comprises a policy extraction module and an encryption module. The policy extraction module performs policy extraction. The encryption module is responsible for encrypting information, which includes the access control policy set for the resource.
Service requester module: the service requester module is an active entity (the subject) that has certain usage rights over the service provider. The notion of a subject is very broad: it can be the organization (user group) the user belongs to, the user, a terminal the user uses, a card reader, a handheld (wireless) terminal, or even an application service or process. The service requester module comprises an authorization application module and a decryption module. The authorization application module applies for permissions. The subject attributes are the attributes used in the access decision process; they identify the subject's capabilities and characteristics and are important parameters in the permission decision process. The service requester needs to update its attribute information with the authorization server, regularly or irregularly, through the authorization application module. The decryption module is responsible for decrypting information, which is equivalent to the consistency verification process in access control.
Privacy protection algorithm: during system initialization, authorization assignment, policy customization, encryption, and message recovery and verification, the privacy protection algorithm fuses cross-security-domain access control with the privacy protection mechanism.
II. Method flow:
1. System initialization:
System initialization is performed by the authorization server. Given a security parameter $k \in Z^+$, it produces a large prime q and generates two groups $G_1$, $G_2$ of order q and a bilinear map
Figure BDA00003520782200071
It then chooses a random number and four hash functions $H_1: \{0,1\}^* \to G_1^*$, $H_2: G_2 \to \{0,1\}^n$, $n \in Z^+$, $H_3: \{0,1\}^n \times \{0,1\}^n \to Z_q^*$, $H_4: \{0,1\}^n \to \{0,1\}^n$, and constructs the plaintext space $M = \{0,1\}^n$ and the ciphertext space
Figure BDA00003520782200089
2. Authorization server module:
Authorization assignment is performed by the authorization server. To obtain the authorization credential used when accessing resources, the service requester must apply to the authorization server for a ticket, submitting its identifier $ID \in \{0,1\}^*$ to the authorization server. The authorization server analyzes the attribute set $\{a_1, a_2, \ldots, a_m\}$ held by the service requester and computes the service requester's authorized decryption key component
Figure BDA000035207822000810
Policy extraction is also performed by the authorization server. To obtain the access control policy, the service provider must perform policy extraction with the authorization server: it sends all attribute identifiers $\{a_1, a_2, \ldots, a_n\}$ related to its local policy to the authorization server and obtains the authorized encryption key component computed by the authorization server
Figure BDA000035207822000811
3. Service provider module:
For the resource request $\langle ID, SID \rangle$ sent by the service requester, the service provider module encrypts the data and transmits it to the service requester. The service provider computes
Figure BDA00003520782200081
and randomly chooses $\sigma \in (0,1)^n$, sets $u = H_3(\sigma, m)$, then chooses a positive integer
Figure BDA00003520782200082
It extracts the corresponding policy expression $\{a_{i,1} \wedge \ldots \wedge a_{i,m}\}$ according to the resource SID and, for each policy expression, computes
Figure BDA00003520782200083
It then computes the ciphertext $C = \langle uP, \sigma \oplus H_2(g_1^z), \ldots, \sigma \oplus H_2(g_k^z), m \oplus H_4(\sigma) \rangle$, $g_i = \hat{e}(Q_{ID}, e_i) \in G_2^*$, $i = 1, \ldots, k$.
4. Service requester module:
The service requester module receives the ciphertext sent by the service provider and decrypts it with its own decryption key. The service requester extracts the policy expression from the resource response information and determines that the number of tuple elements of the ciphertext C is k; let $C = \langle U, V_1, \ldots, V_k, W \rangle$. If
Figure BDA00003520782200085
the ciphertext is rejected. If
Figure BDA00003520782200086
the key is constructed according to the policy expression, choosing an attribute combination that satisfies a policy sub-item,
Figure BDA00003520782200087
The service requester repeatedly computes $V_i \oplus H_2(\hat{e}(d_i, U)) = \sigma$, $W \oplus H_4(\sigma) = m$, $u = H_3(\sigma, m)$ and verifies $U = uP$. If $U = uP$ the verification succeeds, otherwise the ciphertext is rejected; if the verification succeeds, the plaintext M corresponding to the ciphertext C is output.
5. Privacy protection algorithm:
The privacy protection algorithm is divided into five processes: system initialization, authorization assignment, policy customization, encryption, and message recovery and verification. Through these five processes, cross-security-domain access control is fused with the privacy protection mechanism.
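The flow in sections 1 to 5 above can be checked end to end with a small model. The following is an added example, not code from the patent: it replaces the supersingular-curve pairing with an insecure toy pairing (G1 elements stored as scalars), and it assumes SHA-256 for H1 to H4, a hash encoding of attribute names into Z_q^* (`attr`), and z = u, the choice for which the recovery equation V_i ⊕ H2(ê(d_i, U)) = σ holds by bilinearity. All function names, identities and attribute names are constructed for illustration.

```python
import hashlib
import secrets
from itertools import count

# Toy bilinear setting, constructed for this example and NOT secure: a G1
# element xP is stored as the scalar x (so P = 1), G2 is the order-q subgroup
# of Z_p^*, and e(xP, yP) = g^(xy) mod p. A real system uses a pairing on a
# supersingular curve, where x cannot be read off xP.
Q = 2**61 - 1        # prime group order q
N = 16               # n = 128 bits, handled as 16 bytes

def _is_prime(n):
    """Miller-Rabin, deterministic for n < 3.18e23 with these bases."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if any(n % b == 0 for b in bases):
        return n in bases
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

P_MOD = next(p for p in (2 * k * Q + 1 for k in count(1)) if _is_prime(p))
G = next(g for g in (pow(h, (P_MOD - 1) // Q, P_MOD) for h in count(2)) if g != 1)

def pair(x, y):                      # e-hat: G1 x G1 -> G2
    return pow(G, x * y % Q, P_MOD)

def _h(tag, *parts):
    return hashlib.sha256(tag + b"|" + b"|".join(parts)).digest()

def _zq(digest):                     # map a digest into Z_q^*
    return int.from_bytes(digest, "big") % (Q - 1) + 1

def H1(ident): return _zq(_h(b"H1", ident.encode()))        # {0,1}* -> G1*
def H2(g2): return _h(b"H2", g2.to_bytes(16, "big"))[:N]    # G2 -> {0,1}^n
def H3(sigma, m): return _zq(_h(b"H3", sigma, m))           # -> Z_q^*
def H4(sigma): return _h(b"H4", sigma)[:N]                  # {0,1}^n -> {0,1}^n
def attr(name): return _zq(_h(b"attr", name.encode()))      # assumed encoding
def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

class AuthServer:
    def __init__(self):
        self.s = secrets.randbelow(Q - 1) + 1       # master key s in Z_q^*
    def decrypt_components(self, ident, attrs):     # step (4): {a_i s Q_ID}
        return {a: attr(a) * self.s * H1(ident) % Q for a in attrs}
    def encrypt_components(self, attrs):            # step (6): {a_i s P}
        return {a: attr(a) * self.s % Q for a in attrs}

def encrypt(ident, policy, enc, m):  # steps (8)-(10), service provider side
    sigma = secrets.token_bytes(N)
    u = H3(sigma, m)
    z = u                            # assumption: z = u (see lead-in)
    V = []
    for clause in policy:            # one V_i per conjunction of the DNF policy
        e_i = sum(enc[a] for a in clause) % Q
        g_i = pair(H1(ident), e_i)
        V.append(xor(sigma, H2(pow(g_i, z, P_MOD))))
    return (u, V, xor(m, H4(sigma)))  # C = <U, V_1..V_k, W>, U = uP with P = 1

def recover(d_i, U, V_i, W):         # step (13)
    sigma = xor(V_i, H2(pair(d_i, U)))
    m = xor(W, H4(sigma))
    return m if U == H3(sigma, m) else None   # verify U = uP

def decrypt(policy, C, dec):         # steps (11)-(14), service requester side
    U, V, W = C
    if U % Q == 0 or len(V) != len(policy):   # step (11): U must lie in G1*
        return None
    for clause, V_i in zip(policy, V):
        if all(a in dec for a in clause):     # step (12): a satisfied sub-item
            m = recover(sum(dec[a] for a in clause) % Q, U, V_i, W)
            if m is not None:
                return m
    return None

def demo():
    server = AuthServer()
    policy = [("dept:dispatch", "role:engineer"), ("role:auditor",)]
    enc = server.encrypt_components({a for c in policy for a in c})
    alice = server.decrypt_components(
        "alice@domainA", ["role:engineer", "dept:dispatch", "site:north"])
    bob = server.decrypt_components("bob@domainB", ["role:engineer"])
    m = b"grid-config-0001"          # exactly n bits
    C = encrypt("alice@domainA", policy, enc, m)   # provider sees only the ID
    return decrypt(policy, C, alice) == m, decrypt(policy, C, bob)

if __name__ == "__main__":
    print(demo())
```

The service provider's `encrypt` call takes only the requester's ID and the policy, so attributes such as the constructed `site:north` are never sent to it; authorization is decided by whether decryption verifies.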
The flow chart across the security domain access control method based on secret protection provided by the invention as shown in Figure 2, comprises the steps:
(1) system initialization, a given security parameter k ∈ Z +, input k produces a large prime number q, selects one to meet the super unusual elliptic curve E/GF (p) that the BDH problem is difficult to resolve, and by E/GF (p), generates the group G that two rank are q 1, G 2, G 1For addition cyclic group, G 2For the multiplication loop group, a feasible bilinear map
Figure BDA00003520782200091
Choose at random a P ∈ G 1.Choose a random number s &Element; Z q * With four hash functions H 1 : { 0,1 } * &RightArrow; G 1 * , H 2 : G 2 &RightArrow; { 0,1 } n , n &Element; Z + ,
Figure BDA00003520782200094
H 4: { 0,1} n→ { 0,1} n, structure is space M={0 expressly, 1} nAnd the cryptogram space C = G 1 * &times; { 0,1 } n . At this moment, system parameters is params = &lang; q , G 1 , G 2 , e ^ , n , P , H 1 , H 2 , H 3 , H 4 &rang; , Wherein, master key is s &Element; Z q * .
(2) service requester sends sign ID ∈ { 0, the 1} of oneself to authorization server *Give authorization server;
(3) authorization server analyzes according to service requester ID the property set { a that this service requester has 1, a 2..., a m;
(4) authorization server calculates Q ID = H 1 ( ID ) &Element; G 1 * With a i s Q ID , i = 1 , . . . , m , To gather
Figure BDA000035207822000910
Send to service requester, set
Figure BDA000035207822000911
Be the mandate decruption key component that authorization server is distributed to service requester, legal service requester is by these bills, deciphers security information meeting under the access control policy prerequisite;
(5) The ISP sends all attribute identifiers $\{a_1, a_2, \ldots, a_n\}$ relevant to its local policy to the authorization server;
(6) The authorization server computes
Figure BDA000035207822000912
and sends the set
Figure BDA000035207822000913
to the ISP. The set
Figure BDA000035207822000914
is the authorization encryption key component that the authorization server distributes to the ISP;
(7) The service requester initiates a service request <ID, SID> to the ISP, where SID is the resource identifier;
(8) The ISP calculates and chooses at random $\sigma \in (0,1)^n$, and lets $u = H_3(\sigma, m)$;
(9) Based on the resource SID, the ISP extracts the relevant policy expressions $\{a_{i,1} \wedge \ldots \wedge a_{i,m}\}$; each component of an expression is an attribute, and the expression states which combination of attributes must be held to gain access. For each policy expression the ISP computes $e_i = a_{i,1} s P + \ldots + a_{i,m} s P = (a_{i,1} s + \ldots + a_{i,m} s) P$;
(10) Choose a positive integer $z \in Z_q^*$ and compute the ciphertext $C = \langle uP, \sigma \oplus H_2(g_1^z), \ldots, \sigma \oplus H_2(g_k^z), m \oplus H_4(\sigma) \rangle$,
Figure BDA00003520782200103
then send the encrypted resource response <Ploicy, C> to the service requester. Here ⊕ denotes XOR,
Figure BDA00003520782200105
denotes the hash space of hash function $H_3$, and Ploicy is the access policy of the resource.
(11) The service requester extracts the policy expression from the resource response and at the same time determines the tuple count k of ciphertext C, so that $C = \langle U, V_1, \ldots, V_k, W \rangle$; if , the ciphertext is rejected;
(12) The service requester constructs a key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item: $d_i = a_{i,1} s Q_{ID} + a_{i,m} s Q_{ID} = (a_{i,1} s + a_{i,m} s) Q_{ID}$;
(13) The service requester recomputes
Figure BDA00003520782200108
$u = H_3(\sigma, m)$ and verifies U = uP; if U = uP the verification succeeds and the method proceeds to step (14), otherwise the ciphertext is rejected. σ and m are intermediate variables of the computation and $u = H_3(\sigma, m)$ is a mapping; many of the encryption and decryption formulas in this algorithm rely on encryption and decryption methods based on the discrete logarithm problem;
U denotes the first element of the ciphertext tuple C. During encryption, the encryptor computes the first element U of the ciphertext with the formula U = uP and then sends the ciphertext; the decryptor uses its private key to recompute uP and checks whether it matches the ciphertext, and if it does, the ciphertext can be decrypted. The purpose of this check is to use the properties of the bilinear map to verify the consistency of encryption and decryption.
(14) The service requester outputs the plaintext using the decryption key component.
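The following Python sketch is an added illustration, not part of the patent; it walks steps (1) to (14) end to end. Assumptions not taken from the page: $G_1$ is modelled as integers mod q with $\hat{e}(x, y) = g^{xy}$ (a toy pairing with no security, used only for its algebra), attribute names are hashed to scalars, SHA-256 stands in for $H_1$ to $H_4$, $g_i = \hat{e}(Q_{ID}, e_i)$, and the exponent z of step (10) is set equal to u so that $\hat{e}(d_i, U) = g_i^z$ holds in step (13).

```python
import hashlib, math, secrets

# Toy symmetric pairing: G_1 = (Z_q, +), G_2 = order-q subgroup of Z_p^*.
# Discrete logs in this G_1 are trivial, so it shows the algebra only.
Q = 2**31 - 1                                    # prime group order q
def _is_prime(n):
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))
K = next(k for k in range(2, 10**4, 2) if _is_prime(k * Q + 1))
PMOD = K * Q + 1                                 # prime p with q | p - 1
G = next(g for g in (pow(h, K, PMOD) for h in range(2, 50)) if g != 1)

def pair(x, y):                                  # e^(x, y) = G^(x*y), bilinear
    return pow(G, x * y % Q, PMOD)

N = 32                                           # n, counted in bytes here
def _h(tag, *parts):                             # SHA-256 stands in for H_1..H_4
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()
def _scalar(tag, *parts):                        # hash into Z_q^*
    return 1 + int.from_bytes(_h(tag, *parts), "big") % (Q - 1)
def H1(ident): return _scalar(b"H1", ident)      # {0,1}^* -> G_1^*
def H2(g2): return _h(b"H2", g2.to_bytes(8, "big"))    # G_2 -> {0,1}^n
def H3(sigma, m): return _scalar(b"H3", sigma, m)
def H4(sigma): return _h(b"H4", sigma)           # {0,1}^n -> {0,1}^n
def attr(name): return _scalar(b"attr", name)    # assumption: attribute -> scalar
def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

class AuthServer:                                # step (1): master key s, point P
    def __init__(self):
        self.s = 1 + secrets.randbelow(Q - 1)
        self.P = 1 + secrets.randbelow(Q - 1)
    def decrypt_components(self, ident, attrs):  # step (4): {a_i s Q_ID}
        return {a: attr(a) * self.s * H1(ident) % Q for a in attrs}
    def encrypt_components(self, attrs):         # step (6): {a_i s P}
        return {a: attr(a) * self.s * self.P % Q for a in attrs}

def encrypt(P, enc, ident, policy, m):           # steps (8)-(10), provider side
    sigma = secrets.token_bytes(N)
    u = H3(sigma, m)
    V = []
    for clause in policy:                        # one V_i per conjunction
        e_i = sum(enc[a] for a in clause) % Q    # step (9)
        g_i = pair(H1(ident), e_i)               # assumed form of g_i
        V.append(xor(sigma, H2(pow(g_i, u, PMOD))))    # assumption: z = u
    return u * P % Q, V, xor(m, H4(sigma))       # C = <U, V_1..V_k, W>

def decrypt(P, dec, policy, C):                  # steps (11)-(14), requester side
    U, V, W = C
    if not 0 < U < Q or len(V) != len(policy):   # step (11): U must lie in G_1^*
        return None
    for clause, V_i in zip(policy, V):
        if not all(a in dec for a in clause):
            continue                             # clause needs a missing attribute
        d_i = sum(dec[a] for a in clause) % Q    # step (12)
        sigma = xor(V_i, H2(pair(d_i, U)))       # step (13)
        m = xor(W, H4(sigma))
        if H3(sigma, m) * P % Q == U:            # verify U = uP before output
            return m
    return None

def demo():
    srv = AuthServer()
    policy = [[b"engineer", b"substation-A"], [b"auditor"]]   # constructed policy
    enc = srv.encrypt_components({a for c in policy for a in c})
    m = b"meter reading 42".ljust(N, b"\0")                   # constructed message
    C = encrypt(srv.P, enc, b"alice", policy, m)
    alice = srv.decrypt_components(b"alice", [b"engineer", b"substation-A"])
    partial = srv.decrypt_components(b"alice", [b"engineer"])
    forged = {**partial, b"substation-A": partial[b"engineer"]}  # reused component
    bob = srv.decrypt_components(b"bob", [b"engineer", b"substation-A"])
    tampered = (C[0], C[1], xor(C[2], b"\x01" * N))
    return {"alice": decrypt(srv.P, alice, policy, C) == m,
            "partial": decrypt(srv.P, partial, policy, C),
            "forged": decrypt(srv.P, forged, policy, C),
            "other_id": decrypt(srv.P, bob, policy, C),
            "tampered": decrypt(srv.P, alice, policy, tampered)}
```

In `demo()`, only the requester holding every attribute of one policy clause, issued under the identity the ciphertext was built for, recovers the message; a reused component, components issued to another ID, and a modified W all fail the U = uP check.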
The present invention uses a privacy-preserving algorithm: across system initialization, authorization assignment, policy customization, encryption, message recovery and verification, it fuses cross-security-domain access control with the privacy protection mechanism, reduces the degree of information disclosure, prevents leakage of sensitive information, and protects the privacy of the service requester.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solution of the present invention and not to limit it. Although the invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments may still be modified or equivalently replaced, and any modification or equivalent replacement that does not depart from the spirit and scope of the invention shall fall within the scope of its claims.

Claims (19)

  1. A cross-security-domain access control system based on privacy protection, characterized in that the system comprises an authorization server, an ISP and a service requester; the authorization server exchanges data with the service requester and with the ISP respectively, and the service requester and the ISP exchange data with each other.
  2. The cross-security-domain access control system based on privacy protection as claimed in claim 1, characterized in that the authorization server handles authorization assignment for the service requester, distributes public and private keys to both the service requester and the ISP, and fuses the security-domain access control process with the privacy protection mechanism; the authorization server comprises a key store, an attribute library and a policy library.
  3. The cross-security-domain access control system based on privacy protection as claimed in claim 2, characterized in that the key store is used to hold the authorization public key of the service requester and the encryption key of the ISP; the attribute library stores the attribute information of the service provider module and the service requester module; the policy library stores the decision policies of the system; the key store, attribute library and policy library all support adding, deleting, searching and backing up the stored information.
  4. The cross-security-domain access control system based on privacy protection as claimed in claim 1, characterized in that the ISP is a passive entity that accepts access by subjects as specified by the permission set, and comprises a policy extraction module and an encryption module;
    The policy extraction module performs policy extraction by sending object attributes; the encryption module is responsible for encrypting information, including the access control policy set for the resource.
  5. The cross-security-domain access control system based on privacy protection as claimed in claim 1, characterized in that the service requester is an active entity with usage rights over the ISP, and comprises an authorization application module and a decryption module;
    The authorization application module applies for permissions by sending subject attributes; the decryption module is responsible for decrypting information.
  6. A cross-security-domain access control method based on privacy protection, characterized in that the method adopts a privacy protection mechanism and comprises the following steps:
    (1) the privacy-protection-based cross-security-domain access control system is initialized;
    (2) the service requester sends its own identifier ID to the authorization server to request an authorization credential;
    (3) the authorization server determines, from the service requester's identifier ID, the attribute set that the service requester holds;
    (4) the authorization server calculates the authorization decryption key component and sends it to the service requester;
    (5) the ISP sends all attribute identifiers relevant to its local policy to the authorization server;
    (6) the authorization server calculates the policy encryption key component and sends it to the ISP;
    (7) the service requester initiates a service request to the ISP;
    (8) the ISP calculates the service requester's authorization decryption key component, chooses an intermediate variable at random, and sets $u = H_3(\sigma, m)$;
    (9) the ISP extracts the policy expression according to the requested resource identifier and determines the tuple elements of the ciphertext;
    (10) the ciphertext is determined, and the encrypted resource response information is sent to the service requester;
    (11) the service requester extracts the policy expression from the resource response information, at the same time determines the tuple count of the ciphertext, and judges whether the first tuple element of the ciphertext belongs to the additive cyclic group;
    (12) the service requester constructs a key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item;
    (13) the service requester recomputes and verifies U = uP;
    (14) the service requester outputs the plaintext using the decryption key component.
  7. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (1) system initialization is completed by the authorization server and comprises: given a security parameter $k \in Z^+$, input k to produce a large prime q, select a supersingular elliptic curve E/GF(p) on which the BDH problem is hard, and from E/GF(p) generate two groups $G_1$ and $G_2$ of order q, where $G_1$ is an additive cyclic group and $G_2$ is a multiplicative cyclic group, with bilinear map
    Figure FDA00003520782100021
    Choose an intermediate variable $P \in G_1$ at random; choose a random number
    Figure FDA00003520782100022
    and hash functions $H_2: G_2 \to \{0,1\}^n$, $n \in Z^+$,
    Figure FDA000035207821000213
    , $H_4: \{0,1\}^n \to \{0,1\}^n$ ($n \in Z^+$);
    Construct the plaintext space $M = \{0,1\}^n$ and the ciphertext space
    Figure FDA00003520782100024
    The system parameters are $params = \langle q, G_1, G_2, \hat{e}, n, P, H_1, H_2, H_3, H_4 \rangle$, where the master key is $s \in Z_q^*$.
  8. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (2) the identifier ID ranges over $ID \in \{0,1\}^*$; in step (3) the attribute set is denoted $\{a_1, a_2, \ldots, a_m\}$.
  9. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (4) the authorization server calculates $Q_{ID} = H_1(ID) \in G_1^*$ and $a_i s Q_{ID}$, $i = 1, \ldots, m$, and sends the set
    Figure FDA00003520782100029
    to the service requester; the set
    Figure FDA000035207821000210
    is the authorization decryption key component that the authorization server distributes to the service requester, which decrypts the protected information provided the access control policy is satisfied.
  10. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (5) the attribute identifiers are denoted $\{a_1, a_2, \ldots, a_n\}$.
  11. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (6) the authorization server calculates
    Figure FDA000035207821000211
    and sends the set to the ISP; the set is the authorization encryption key component that the authorization server distributes to the ISP; $G_1$ denotes the additive cyclic group generated from the supersingular elliptic curve, and P denotes the randomly chosen intermediate variable, $P \in G_1$;
    Figure FDA000035207821000313
    denotes the factor in the formula for calculating the authorization encryption key component.
  12. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (7) the service request is denoted <ID, SID>, where SID is the resource identifier.
  13. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (8) the ISP calculates the service requester's authorization decryption key component
    Figure FDA00003520782100032
    and chooses an intermediate variable $\sigma \in (0,1)^n$ at random, setting $u = H_3(\sigma, m)$.
  14. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (9) the ISP extracts the policy expression $\{a_{i,1} \wedge \ldots \wedge a_{i,m}\}$ according to the requested resource identifier SID and determines, for each policy expression, the tuple element of the ciphertext $e_i = a_{i,1} s P + \ldots + a_{i,m} s P = (a_{i,1} s + \ldots + a_{i,m} s) P$; wherein:
    Figure FDA00003520782100034
    denotes the encryption component.
  15. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (10) a positive integer $z \in Z_q^*$ is chosen and the ciphertext is determined as $C = \langle uP, \sigma \oplus H_2(g_1^z), \ldots, \sigma \oplus H_2(g_k^z), m \oplus H_4(\sigma) \rangle$,
    Figure FDA00003520782100037
    $i = 1, \ldots, k$, and the encrypted resource response information <Ploicy, C> is sent to the service requester; denotes the hash space of hash function $H_3$; Ploicy is the access policy of the resource.
  16. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (11) the tuple count of ciphertext C is k, so that $C = \langle U, V_1, \ldots, V_k, W \rangle$; when the first tuple element of the ciphertext belongs to the additive cyclic group, namely
    Figure FDA00003520782100039
    the method proceeds to step (12); when the first tuple element of the ciphertext does not belong to the additive cyclic group, namely
    Figure FDA000035207821000310
    the ciphertext is rejected.
  17. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (12) the attribute combination of the policy sub-item is $d_i = a_{i,1} s Q_{ID} + a_{i,m} s Q_{ID} = (a_{i,1} s + a_{i,m} s) Q_{ID}$.
  18. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that in step (13) the service requester recomputes $V_i \oplus H_2(\hat{e}(d_i, U)) = \sigma$, $W \oplus H_4(\sigma) = m$, $u = H_3(\sigma, m)$ and verifies U = uP; if U = uP the verification succeeds and the method proceeds to step (14); otherwise the ciphertext is rejected; U denotes the first element of the ciphertext tuple C.
  19. The cross-security-domain access control method based on privacy protection as claimed in claim 1, characterized in that steps (2) to (4) and steps (5) to (6) are executed in parallel.
CN201310298366.7A 2013-07-16 2013-07-16 A kind of based on secret protection across security domain access control system and control method thereof Active CN103391192B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310298366.7A CN103391192B (en) 2013-07-16 2013-07-16 A kind of based on secret protection across security domain access control system and control method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310298366.7A CN103391192B (en) 2013-07-16 2013-07-16 A kind of based on secret protection across security domain access control system and control method thereof

Publications (2)

Publication Number Publication Date
CN103391192A true CN103391192A (en) 2013-11-13
CN103391192B CN103391192B (en) 2016-09-21

Family

ID=49535357

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310298366.7A Active CN103391192B (en) 2013-07-16 2013-07-16 A kind of based on secret protection across security domain access control system and control method thereof

Country Status (1)

Country Link
CN (1) CN103391192B (en)

Also Published As

Publication number Publication date
CN103391192B (en) 2016-09-21

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C41 Transfer of patent application or patent right or utility model
TA01 Transfer of patent application right

Effective date of registration: 20160425

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: State Grid Smart Grid Institute

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

CB02 Change of applicant information

Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant after: State Grid Corporation of China

Applicant after: China Electric Power Research Institute

Applicant after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE

Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing

Applicant before: State Grid Corporation of China

Applicant before: China Electric Power Research Institute

Applicant before: State Grid Smart Grid Institute

COR Change of bibliographic data
C14 Grant of patent or utility model
GR01 Patent grant