A privacy-protection-based cross-security-domain access control system and control method thereof
Technical field
The present invention relates to a control system and control method in the field of information security, and in particular to a privacy-protection-based cross-security-domain access control system and its control method.
Background technology
With the rapid development and widespread application of computer and network technology, multiple geographically dispersed organizations now interact dynamically and work cooperatively at a distance over computer networks, and activities such as online e-commerce, e-government and online research are gradually becoming the mainstream application model. Large-scale networked information systems that span domains and organizations are open, distributed and dynamic, so cross-domain access control exhibits features such as distributed resources, dynamic activities and unknowable subjects. How to control the service provider's resources effectively in cross-domain access control while also protecting the privacy of the service requester has become one of the important research topics in the field of information security.
In distributed access control models, the service requester generally discloses a large amount of information, such as attributes, to the service provider, so that the service provider can grant the requester permissions according to the attribute information and the control policy. Disclosing a large amount of attribute information, however, easily causes privacy leakage, which brings hidden dangers and risks to the service requester. Studying cross-security-domain access control methods that protect the service requester's private information in a multi-domain interoperation environment is therefore of great significance.
At present, the attribute-based access control model usage control (UCON, Usage Control) is an important research direction in the access control field. UCON extends traditional access control: it defines three decision factors (authorization, obligation and condition) and also introduces two important properties of access control, continuity and mutability. In traditional access control, the authorization decision is made before the access operation is executed. Modern access control, by contrast, has application requirements such as relatively long-lasting resource use or immediate revocation of resource usage rights, and these require the access request to be monitored in real time throughout the use of the resource; this feature is called "continuity". In addition, in traditional access control attributes can only be modified by administrative actions, but in many applications attributes have to be modified as a result of the subject's behavior. The update of a mutable attribute may happen before the resource is used, during its use, or after its use has finished; this feature is called "mutability". Continuous control and mutable attributes make history-based authorization decisions easier to implement.
The security evaluation of an access control model covers three aspects: confidentiality, integrity and availability. Confidentiality means ensuring that information is not leaked to unauthorized parties. Integrity means preventing the arbitrary generation, modification and deletion of information, ensuring that information is delivered without distortion from the real source to the real destination and cannot be reproduced. Availability means that the information system should provide service to authorized users at any time, preventing denial of service caused by viruses or hacker attacks and preventing exploitation by adversaries. To solve the security problems of a distributed access control model, such as the subject verifying the object's identity, the communication channel and resources being safe and reliable, and the object verifying that what the subject provides is complete and true, a series of access control policies must be used when designing the system in order to achieve secure access control. In existing distributed access control mechanisms, the service requester discloses a large number of attributes to the resource owner in order to gain access. These attributes typically include a large amount of private information, so in a cross-domain secure access control environment the service requester's privacy cannot be effectively protected.
Summary of the invention
To address the deficiencies of the prior art, the present invention provides a privacy-protection-based cross-security-domain access control system; another object is to provide a privacy-protection-based cross-security-domain access control method. The invention solves the problem of service requester privacy leakage in cross-security-domain access control. The control method of the invention is a policy-based method; applying the technical solution provided by the invention protects the privacy of the service requester, reduces the degree of information disclosure, prevents leakage of sensitive information, and achieves privacy security for the service requester.
The object of the invention is achieved by the following technical solution:
The present invention provides a privacy-protection-based cross-security-domain access control system, the improvement being that the system comprises an authorization server, a service provider and a service requester; the authorization server exchanges data with the service requester and with the service provider respectively, and the service requester exchanges data with the service provider.
Wherein, the authorization server assigns authorization to the service requester, distributes public and private keys to both the service requester and the service provider, and merges the cross-security-domain access control process with the privacy protection mechanism; the authorization server comprises a key store, an attribute library and a policy library.
Wherein, the key store holds the authorization public key of the service requester and the encryption key of the service provider; the attribute library stores the attribute information of the service provider module and the service requester module; the policy library stores the system's decision policies. The key store, attribute library and policy library all provide add, delete, search and backup functions for the information they hold.
Wherein, the service provider is the passive entity that accepts access by subjects as prescribed by the authority set; it comprises a policy extraction module and an encryption module;
the policy extraction module performs policy extraction by sending object attributes; the encryption module is responsible for encrypting information, which embeds the access control policy set for the resource.
Wherein, the service requester is the active entity that holds usage rights on the service provider; it comprises an authorization application module and a decryption module;
the authorization application module applies for permissions by sending subject attributes; the decryption module is responsible for decrypting information.
Another object of the present invention is to provide a privacy-protection-based cross-security-domain access control method, the improvement being that the method uses a privacy protection mechanism and comprises the following steps:
(1) the privacy-protection-based cross-security-domain access control system is initialized;
(2) the service requester sends its identifier ID to the authorization server to request an authorization credential;
(3) the authorization server analyzes, from the service requester's identifier ID, the attribute set that the service requester holds;
(4) the authorization server calculates the authorized decryption key components and sends them to the service requester;
(5) the service provider sends all attribute identifiers relevant to its local policy to the authorization server;
(6) the authorization server calculates the encryption key components for the policy and sends them to the service provider;
(7) the service requester initiates a service request to the service provider;
(8) the service provider calculates the authorized decryption key component of the service requester, randomly selects an intermediate variable, and sets u = H3(σ, m);
(9) the service provider extracts the policy expressions according to the requested resource identifier and determines the tuple elements of the ciphertext;
(10) the ciphertext is determined, and the encrypted resource response is sent to the service requester;
(11) the service requester extracts the policy expression from the resource response, determines the number of tuple elements of the ciphertext, and judges whether the first tuple element of the ciphertext belongs to the additive cyclic group;
(12) the service requester constructs the key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item;
(13) the service requester recomputes and verifies whether U = uP;
(14) the service requester uses the decryption key components to output the plaintext.
Wherein, in step (1), system initialization is performed by the authorization server and includes: given a security parameter k ∈ Z^+, taking k as input to generate a large prime q; selecting a supersingular elliptic curve E/GF(p) on which the BDH problem is hard; generating from E/GF(p) two groups G1 and G2 of order q, where G1 is an additive cyclic group and G2 is a multiplicative cyclic group, with a bilinear map; randomly selecting an intermediate variable P ∈ G1; choosing a random number and the hash functions H2: G2 → {0,1}^n, n ∈ Z^+, and H4: {0,1}^n → {0,1}^n (n ∈ Z^+);
constructing the plaintext space M = {0,1}^n and the ciphertext space. The system parameters are, wherein the master key is
Wherein, in step (2), the identifier ID ranges over ID ∈ {0,1}^*; in step (3), the attribute set is denoted {a1, a2, ..., am}.
Wherein, in step (4), the authorization server calculates and, and sends the set to the service requester; the set is the authorized decryption key component that the authorization server distributes to the service requester, with which secured information is decrypted provided the access control policy is satisfied. (The access control policy is formulated by the resource owner and has little to do with this algorithm; it simply specifies which attributes a user must hold in order to access a resource with which attributes, and belongs to the policy-formulation part of the access control method UCON.)
Wherein, in step (5), the attribute identifiers are denoted {a1, a2, ..., an}.
Wherein, in step (6), the authorization server calculates and sends the set to the service provider; the set is the authorized encryption key component that the authorization server distributes to the service provider; G1 denotes the additive cyclic group generated from the supersingular curve, P denotes the randomly selected intermediate variable, P ∈ G1; denotes the formula factor used to compute the authorized encryption and decryption key components.
Wherein, in step (7), the service request is denoted <ID, SID>, where SID is the resource identifier.
Wherein, in step (8), the service provider calculates the authorized decryption key component of the service requester and randomly selects an intermediate variable σ ∈ (0,1)^n, setting u = H3(σ, m).
Wherein, in step (9), the service provider extracts the policy expressions {a_i,1 ∧ ... ∧ a_i,m} according to the requested resource identifier SID (each component of such an expression is an attribute, and the expression states which combination of attributes must be held to obtain access), and determines a ciphertext tuple element for each policy expression, wherein: denotes the encryption component.
Each resource has many policy expressions, and satisfying any one of them grants the corresponding permission. A ciphertext tuple element is calculated for each policy expression, and the tuple elements calculated for all policy expressions together make up the ciphertext.
Wherein, in step (10), a positive integer is chosen and the ciphertext is determined (this is an XOR), i = 1, ..., k, and the encrypted resource response <Policy, C> is sent to the service requester; denotes the hash space of hash function H3; Policy is the access policy of the resource.
Wherein, in step (11), the number of tuple elements of ciphertext C is k; let C = <U, V1, ..., Vk, W>. When the first tuple element of the ciphertext belongs to the additive cyclic group, i.e., the method proceeds to step (12); when the first tuple element of the ciphertext does not belong to the additive cyclic group, i.e., the ciphertext is rejected.
Wherein, in step (12), the attribute combination of the policy sub-item
The coefficients of the decryption key components and of the encryption key components are both denoted {a1, a2, ..., am}; the bounds n and m used above denote the number of attributes. This causes no confusion, because attributes are defined globally and some attributes may be held by both the user and the service side. The attribute set supplies the coefficients of the decryption key components and the encryption key components; denotes the encryption component, denotes the decryption component.
Wherein, in step (13), the service requester recomputes u = H3(σ, m) and verifies U = uP; if U = uP, verification succeeds and the method proceeds to step (14); otherwise the ciphertext is rejected. U denotes the first tuple element of the encrypted ciphertext C.
Wherein, steps (2)-(4) and steps (5)-(6) are parallel to each other.
Compared with the prior art, the beneficial effects achieved by the present invention are:
The control method provided by the invention is a policy-based method. Through a new privacy-protection-based cross-security-domain access control method, it solves the problem of service requester privacy leakage in cross-security-domain access control, protects the privacy of the service requester, reduces the degree of information disclosure, prevents leakage of sensitive information, and achieves privacy security for the service requester. Specifically:
1, authorization server module:
The authorization server module comprises three parts: the key store, the attribute library and the policy library. The key store holds the authorization public key of the service requester and the encryption key of the service provider. The attribute library stores the attribute information of all parties in the system. The policy library stores the system's decision policies. The key store, attribute library and policy library all provide basic functions such as adding, deleting, searching and backing up the information they hold, which effectively meets the requirements on information sources during access control.
2, Service provider module:
The service provider module comprises a policy extraction module and an encryption module. The policy extraction module performs policy extraction by sending object attributes. The encryption module is responsible for encrypting information, which embeds the access control policy set for the resource. The service provider's encryption operation makes the policy implicit in the encryption key, so it embodies the access control rules set for the resource, and at the same time the data is safely and effectively protected.
3, service requester module:
The service requester module comprises an authorization application module and a decryption module. The authorization application module applies for permissions by sending subject attributes. The decryption module is responsible for decrypting information, which is equivalent to the consistency verification process in access control. The service requester's decryption operation makes the individual authorization assignment implicit in the decryption key; it embodies the consistency check between the access control policy and the attributes the user holds, so the decryption operation completes the consistency verification of access control.
4, Privacy preserving algorithms:
The privacy protection algorithm maps the authorization credential to decryption key components and constructs the encryption key components from the policy expression; decryption succeeds if and only if the requester holds the decryption key corresponding to the encryption key. This achieves the security goal that the service provider obtains as little information about the requester as possible while the requester obtains its legitimate access rights. Across system initialization, authorization assignment, policy customization, encryption, and message recovery and verification, the privacy protection algorithm fuses cross-security-domain access control with the privacy protection mechanism, protecting the requester's private information and solving the problem of service requester privacy leakage in cross-security-domain access control.
Description of the drawings
Fig. 1 is the structure diagram of the privacy-protection-based cross-security-domain access control system provided by the present invention;
Fig. 2 is the flow chart of the privacy-protection-based cross-security-domain access control method provided by the present invention.
Detailed description of the invention
The specific embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
The privacy protection mechanism builds on the access control model and combines it with identity-based encryption to achieve privacy in cross-domain access control. The mechanism has five parts: system initialization, authorization assignment, policy customization and response, encryption, and message recovery and verification. It describes policy expressions with Boolean variables over attributes and converts each policy expression into disjunctive normal form, forming a mapping between access control decisions and the value of the policy's Boolean expression. The service provider makes the policy implicit in the public key used to encrypt information, and the requester decrypts the message with a decryption key that embodies the authorization assignment; decryption succeeds if and only if the requester holds the private key corresponding to the encryption public key. The mechanism does not reveal sensitive user information and effectively protects the privacy of the service requester.
The privacy-protection-based cross-security-domain access control method mainly considers two problems: (1) the design of the access control system structure; (2) the design of the privacy protection mechanism. The main content of the privacy protection mechanism design covers four stages: system initialization, public/private key extraction, encryption and decryption. The privacy protection mechanism design mainly refers to the design of the privacy algorithm flow; it mainly considers the authorization server's assignment of authorization, the distribution of private and public keys, and encryption and decryption, and accomplishes the consistency verification of the policy and the privacy protection of the requester.
One, system structure:
The structure of the privacy-protection-based cross-security-domain access control system provided by the invention is shown in Fig. 1. It comprises three parts: the authorization server module, the service provider module and the service requester module. The authorization server is the core of the system: it handles the assignment of authorization to the service requester and the distribution of public and private keys to both the service requester and the service provider, and fuses the cross-security-domain access control process with the privacy protection mechanism. The invention introduces a privacy protection mechanism into cross-security-domain access control interactions, effectively protecting the privacy of the service requester in a cross-security-domain access control environment. The authorization server exchanges data with the service requester and with the service provider respectively, and the service requester exchanges data with the service provider.
Each part is described below:
Authorization server module: the authorization server module comprises three parts: the key store, the attribute library and the policy library. The key store holds the authorization key of the service requester and the encryption key of the service provider. The attribute library stores attribute information. The policy library stores the system's decision policies; it is based on the three decision factors of authorization, obligation and condition, combined with continuity and mutable attributes, to design a policy model for access control. The key store, attribute library and policy library all provide basic functions such as adding, deleting, searching and backing up the information they hold.
Service provider module: the service provider module is the passive entity (i.e. the object) that accepts access by subjects as prescribed by the authority set. An object can be a collection of information, files or records used in a workflow system, or it can be a hardware device on the network, a terminal in wireless communication, and so on. The service provider module comprises a policy extraction module and an encryption module. The policy extraction module performs policy extraction. The encryption module is responsible for encrypting information, which embeds the access control policy set for the resource.
Service requester module: the service requester module is an active entity (i.e. the subject) that can hold certain usage rights on the service provider. The notion of a subject is very broad: it can be the organization (user group) a user belongs to, the user itself, a terminal the user uses, a card reader, a handheld (wireless) terminal, and so on, or even an application service or a process. The service requester module comprises an authorization application module and a decryption module. The authorization application module applies for permissions; the subject attributes are the attributes used by the access decision process, they identify the subject and its features and are important parameters in the authorization decision process, and the service requester needs to update its own attribute information with the authorization server, periodically or aperiodically, through the authorization application module. The decryption module is responsible for decrypting information, which is equivalent to the consistency verification process in access control.
Privacy protection algorithm: across system initialization, authorization assignment, policy customization, encryption, and message recovery and verification, the privacy protection algorithm fuses cross-security-domain access control with the privacy protection mechanism.
Two, method flow:
1, system initialization:
System initialization is performed by the authorization server: given a security parameter k ∈ Z^+, it generates a large prime q and at the same time two groups G1, G2 of order q and a bilinear map. It then chooses a random number and four hash functions H2: G2 → {0,1}^n, n ∈ Z^+, and H4: {0,1}^n → {0,1}^n, and constructs the plaintext space M = {0,1}^n and the ciphertext space
2, authorization server module:
Authorization assignment is performed by the authorization server. To obtain the authorization credential used when accessing resources, the service requester must apply to the authorization server for a ticket by sending its identifier ID ∈ {0,1}^* to the authorization server. The authorization server analyzes the attribute set {a1, a2, ..., am} held by the service requester and calculates the authorized decryption key components of the service requester
Policy extraction is also performed by the authorization server. To obtain the access control policy, the service provider must request policy extraction from the authorization server by sending it all attribute identifiers {a1, a2, ..., an} relevant to its local policy; the authorization server then calculates the authorized encryption key components
3, Service provider module
The service provider module receives the resource request <ID, SID> sent by the service requester, encrypts the data, and transmits it to the service requester. The service provider calculates, randomly selects σ ∈ (0,1)^n and sets u = H3(σ, m), then chooses a positive integer, extracts the corresponding policy expressions {a_i,1 ∧ ... ∧ a_i,m} according to the resource SID, calculates for each policy expression, and then calculates the ciphertext
4, service requester module:
The service requester module receives the ciphertext sent by the service provider and decrypts it with its own decryption key. The service requester extracts the policy expression from the resource response, determines the number k of tuple elements of ciphertext C, and lets C = <U, V1, ..., Vk, W>; if, the ciphertext is rejected. If, it constructs the key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item, recomputes, and verifies whether U = uP. If U = uP, verification succeeds; otherwise the ciphertext is rejected. If verification succeeds, the plaintext M corresponding to ciphertext C is output.
5, Privacy preserving algorithms:
The privacy protection algorithm is divided into five processes: system initialization, authorization assignment, policy customization, encryption, and message recovery and verification. Executing these five processes fuses cross-security-domain access control with the privacy protection mechanism.
The flow chart of the privacy-protection-based cross-security-domain access control method provided by the invention is shown in Fig. 2 and includes the following steps:
(1) system initialization: given a security parameter k ∈ Z^+, k is taken as input to generate a large prime q; a supersingular elliptic curve E/GF(p) on which the BDH problem is hard is selected; two groups G1, G2 of order q are generated from E/GF(p), where G1 is an additive cyclic group and G2 is a multiplicative cyclic group, with a feasible bilinear map; a P ∈ G1 is selected at random. A random number and four hash functions H4: {0,1}^n → {0,1}^n are chosen, and the plaintext space M = {0,1}^n and the ciphertext space are constructed. At this point the system parameters are, wherein the master key is
(2) the service requester sends its identifier ID ∈ {0,1}^* to the authorization server;
(3) the authorization server analyzes, from the service requester's ID, the attribute set {a1, a2, ..., am} that this service requester holds;
(4) the authorization server calculates and, and sends the set to the service requester; the set is the authorized decryption key component that the authorization server distributes to the service requester; with these tickets, a legitimate service requester decrypts secured information provided the access control policy is satisfied;
(5) the service provider sends all attribute identifiers {a1, a2, ..., an} relevant to its local policy to the authorization server;
(6) the authorization server calculates and sends the set to the service provider; the set is the authorized encryption key component that the authorization server distributes to the service provider;
(7) the service requester initiates a service request <ID, SID> to the service provider, where SID is the resource identifier;
(8) the service provider calculates, randomly selects σ ∈ (0,1)^n, and sets u = H3(σ, m);
(9) the service provider extracts the corresponding policy expressions {a_i,1 ∧ ... ∧ a_i,m} according to the resource SID; each component of such an expression is an attribute, and the expression states which combination of attributes must be held to obtain access; for each policy expression it calculates
(10) a positive integer is chosen and the ciphertext is calculated; the encrypted resource response <Policy, C> is sent to the service requester; this is an XOR; denotes the hash space of hash function H3; Policy is the access policy of the resource.
(11) the service requester extracts the policy expression from the resource response, determines the number k of tuple elements of ciphertext C, and lets C = <U, V1, ..., Vk, W>; if, the ciphertext is rejected;
(12) the service requester constructs the key according to the policy expression, choosing an attribute combination that satisfies a policy sub-item,
(13) the service requester recomputes u = H3(σ, m) and verifies whether U = uP. If U = uP, verification succeeds and the method proceeds to step (14); otherwise the ciphertext is rejected. σ and m are intermediate variables of the calculation, and u = H3(σ, m) is a mapping; the principle behind many of the encryption and decryption formulas in this algorithm is the encryption and decryption method based on the hardness of the discrete logarithm problem;
U denotes the first tuple element of the encrypted ciphertext C. During encryption, the encryptor uses the formula U = uP to calculate the first tuple element U of the ciphertext and then sends the ciphertext; the decryptor uses the private key to calculate uP again and checks whether it is consistent with the ciphertext, and consistency means the ciphertext can be decrypted. The purpose of this check is to verify the consistency of encryption and decryption using the properties of the bilinear map.
(14) the service requester uses the decryption key components to output the plaintext.
The present invention uses a privacy protection algorithm that, across system initialization, authorization assignment, policy customization, encryption, and message recovery and verification, fuses cross-security-domain access control with the privacy protection mechanism, reduces the degree of information disclosure, prevents leakage of sensitive information, and achieves privacy security for the service requester.
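The flow of steps (1) to (14), as an added example that is not code from the patent. The key and ciphertext formulas did not survive on this page, so the sketch assumes a Boneh-Franklin-style construction with one V_i per clause of the disjunctive-normal-form policy, key components bound to (ID, attribute) through an assumed hash h1, and a deliberately insecure toy pairing over integers mod q; every function and class name here is hypothetical.

```python
import hashlib
import secrets

Q = 2**127 - 1   # prime group order q (toy size, constructed)
P = 5            # generator of G1 = (Z_q, +); the element xP is stored as x*P mod q
N = 16           # plaintext length n in bytes

def pair(a, b):
    # Toy bilinear map (assumption): G2 elements are stored as exponents of a
    # fixed generator, so pair(x*a, y*b) == x*y*pair(a, b) mod q. NOT secure.
    return a * b % Q

def digest(tag, *parts):
    h = hashlib.sha256(tag)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

def h1(ident, attr):   # (ID, attribute) -> G1; binding keys to the ID is an assumption
    return int.from_bytes(digest(b"H1", ident, attr), "big") % Q * P % Q
def h2(g):             # H2: G2 -> {0,1}^n
    return digest(b"H2", g.to_bytes(16, "big"))[:N]
def h3(sigma, m):      # H3(sigma, m) -> nonzero scalar u
    return int.from_bytes(digest(b"H3", sigma, m), "big") % (Q - 1) + 1
def h4(sigma):         # H4: {0,1}^n -> {0,1}^n
    return digest(b"H4", sigma)[:N]
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class AuthorizationServer:
    def __init__(self, attribute_library):
        self.attribute_library = attribute_library   # ID -> attributes held
        self.s = secrets.randbelow(Q - 1) + 1        # master key
        self.p_pub = self.s * P % Q                  # published parameter sP

    def issue_decryption_keys(self, ident):
        # Steps (2)-(4): one key component per attribute the requester holds.
        return {a: self.s * h1(ident, a) % Q
                for a in self.attribute_library.get(ident, ())}

def encrypt(p_pub, ident, policy, m):
    # Steps (8)-(10). policy is in disjunctive normal form: a list of clauses,
    # each clause a tuple of attribute names that must all be held.
    if len(m) != N:
        raise ValueError("plaintext must be exactly N bytes")
    sigma = secrets.token_bytes(N)
    u = h3(sigma, m)
    U = u * P % Q
    V = [xor(sigma, h2(pair(sum(h1(ident, a) for a in clause) % Q, p_pub) * u % Q))
         for clause in policy]
    return U, V, xor(m, h4(sigma))

def decrypt(keys, policy, ciphertext):
    # Steps (11)-(14). Returns the plaintext, or None if the ciphertext is rejected.
    U, V, W = ciphertext
    if not (isinstance(U, int) and 0 < U < Q) or len(V) != len(policy):
        return None                      # step (11): U must be a nonzero G1 element
    for clause, v in zip(policy, V):
        if not all(a in keys for a in clause):
            continue                     # step (12): pick a clause we can satisfy
        d = sum(keys[a] for a in clause) % Q
        sigma = xor(v, h2(pair(d, U)))
        m = xor(W, h4(sigma))
        if h3(sigma, m) * P % Q == U:    # step (13): recompute u, check U = uP
            return m
    return None

def demo():
    server = AuthorizationServer({       # constructed attribute library
        b"alice": {b"doctor", b"cardiology"},
        b"bob": {b"nurse"},
        b"mallory": {b"doctor", b"cardiology"},
    })
    policy = [(b"doctor", b"cardiology"), (b"auditor",)]
    m = b"ECG report #0042"
    U, V, W = ct = encrypt(server.p_pub, b"alice", policy, m)  # reply to alice's <ID, SID>
    keys = {name: server.issue_decryption_keys(name) for name in server.attribute_library}
    return {
        "alice": decrypt(keys[b"alice"], policy, ct),
        "bob": decrypt(keys[b"bob"], policy, ct),
        "mallory": decrypt(keys[b"mallory"], policy, ct),
        "tampered": decrypt(keys[b"alice"], policy, (U, V, xor(W, b"\x01" + bytes(N - 1)))),
        "bad_first_element": decrypt(keys[b"alice"], policy, (0, V, W)),
    }

if __name__ == "__main__":
    print(demo())
```

Note that `encrypt` takes only the requester's ID and the policy, never the requester's attribute set, which is the disclosure reduction the text claims. The U = uP re-check is what rejects both the modified ciphertext and the key set issued to a different ID.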
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solution of the present invention and not to limit it. Although the invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments of the invention may still be modified or equivalently substituted, and any modification or equivalent substitution that does not depart from the spirit and scope of the invention shall be covered by the scope of the claims of the invention.