CN103973698A - User access right revoking method in cloud storage environment

Publication number: CN103973698A
Application number: CN201410213922.0A
Authority: CN (China)
Legal status: Granted
Other versions: CN103973698B (en)
Other languages: Chinese (zh)
Inventors: 李春花, 周可, 吴泽邦, 魏荣磊, 边泽明, 杨勇, 张彦哲
Original and current assignee: Huazhong University of Science and Technology
Prior art keywords: data, user, request, token, client
Landscape: Storage Device Security

Abstract

The invention discloses a method for revoking user permissions in a cloud storage environment. It addresses two problems of existing cloud environments: the security risk that arises while a user's permission is being revoked, and the performance overhead of re-encrypting data. The method comprises a client process, a cloud storage system process and a security management center process. The cloud storage system maintains and updates the token chain, asks the security management center to distribute keys and tokens, inserts interference blocks into the ciphertext, and evaluates and answers user access requests. The security management center handles user registration and login, permission granting and revocation, key management and distribution, and distribution of user tokens. The invention uses a token mechanism to scramble the ciphertext with interference blocks and adopts an immediate-revocation mechanism: when a user's permission is revoked, the token is updated at once and the ciphertext is re-scrambled, which removes the security risk present in non-immediate revocation mechanisms. Because the data never has to be re-encrypted, the system's performance overhead is greatly reduced.

Description

A method for revoking user access rights in a cloud storage environment

Technical field

The invention belongs to the fields of computer storage technology and information security technology, and more specifically relates to a method for revoking user access rights in a cloud storage environment.

Background art

While cloud storage systems provide users with data storage and business services, the security of the data held in the cloud has always been a major concern of users and enterprise administrators. To protect the confidentiality of user data, current cloud storage security frameworks generally store the data encrypted: the cloud service provider uses an access control policy to decide whether a user has legitimate access to the data, while key management and distribution are handled by a trusted third party. Although this strengthens the security of cloud data to some extent, storing ciphertext also raises new problems. When a user's access rights to some data must be changed, the usual way to make sure that the key held by the revoked user becomes useless is to re-encrypt the data and then update and redistribute the key. Because the user population of a cloud environment is huge and user permissions may change frequently, re-encrypting data and redistributing keys impose a very large performance overhead. If re-encryption is instead deferred until a user next uploads the data, the time of that upload, and therefore of the re-encryption, is unpredictable; in the meantime the revoked user can still access the data and may even maliciously write dirty data into the system. Moreover, this scheme cannot handle the re-encryption of read-only data at all.

Summary of the invention

In view of the above defects of the prior art and the need to improve on them, the present invention provides a method for revoking user access rights in a cloud storage environment. Its purpose is to achieve immediate revocation of user permissions by scrambling the ciphertext on the cloud side, thereby solving the technical problems of the security risk that arises during revocation of user permissions and of the large performance overhead caused by re-encrypting the data.

To achieve the above object, according to one aspect of the present invention, a method for revoking user access rights in a cloud storage environment is provided, comprising the following steps:

(1) The client receives a data operation request from the user and determines its type: a write data request, a read data request or a permission operation request. For a write data request it proceeds to step (2), for a read data request to step (6), and for a permission operation request to step (11);

(2) The client randomly generates a symmetric key for encrypting the data of the write data request and submits an encryption key request to the security management center;

(3) The security management center verifies the legitimacy of the user from the encryption key request and checks whether the legitimate user is in the permission revocation list of the data of the write data request; if not, it obtains the encryption key corresponding to that data and returns the encryption key to the client;

(4) The client encrypts the data of the write data request with the symmetric key generated in step (2) using a symmetric encryption algorithm to obtain the ciphertext data, encrypts the generated symmetric key with the received encryption key using a public/private key encryption algorithm to obtain the ciphertext key, packs the ciphertext data and the ciphertext key into a ciphertext data packet, and sends a write data request to the cloud storage side;

(5) The cloud storage side receives the write data request from the client, verifies the legitimacy of the user from the write data request and, when the legitimate user has write access to the data of the write data request, randomly generates a token, makes this token the chain-tail token of the token chain of the data in the write data request, randomly generates interference blocks, inserts them into the ciphertext data according to the rules specified in the token, and stores the resulting data;

(6) The client sends a read data request to the cloud storage side;

(7) The cloud storage side verifies the legitimacy of the user from the user identity certificate in the client's read data request and, when the legitimate user has read access to the data, returns the data to the client, looks up the chain-tail token of the token chain of that data, and sends a key request to the security management center;

(8) The security management center checks from the key request whether the user is in the permission revocation list of the data of the read data request; if not, it looks up the decryption key of the requested data, returns the decryption key and the token to the client and proceeds to step (9); if the user is in the list, it returns a denial-of-service message to the client and the process ends;

(9) The client waits for and receives the replies of the cloud storage side and the security management center; if the cloud storage side has returned the requested data and the security management center has returned the decryption key and the token, it proceeds to step (10), otherwise the process ends;

(10) The client uses the returned token to process the returned data, removing the interference blocks from it to obtain the ciphertext data, decrypts the ciphertext key in the returned data with the returned decryption key to obtain the symmetric key, and decrypts the ciphertext data with the symmetric key to obtain the original data requested by the user;

(11) The client sends a user permission revocation request to the security management center;

(12) The security management center verifies the user identity certificate in the client's user permission revocation request to determine whether the user is legitimate; if so it proceeds to step (13), otherwise it returns a user identity certificate error message to the client and the process ends;

(13) The security management center checks whether the user whose permission is to be revoked is in the permission revocation list of the data ID named in the user permission revocation request; if the user is not in the list, it inserts that user's ID into the permission revocation list, sends a user permission revocation request to the cloud storage side, returns a revocation success message to the client and proceeds to step (14); if the user is already in the list, it returns a message to the client saying that the user is already in the permission revocation list;

(14) The cloud storage side looks up the token chain of the data ID named in the user permission revocation request and obtains its chain-tail token, uses that chain-tail token to remove the interference blocks from the data of that data ID to obtain the unscrambled ciphertext data, randomly generates a new token according to the token generation rules and appends it to the token chain as the new chain-tail token, randomly generates interference blocks and inserts them into the obtained ciphertext data according to the rules specified in the new token, obtains and stores the newly scrambled data, and returns a user permission revocation success message to the client.
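Steps (1) to (14) above, which the detailed description further down restates with the same write, read and revocation flow, as an added runnable model. This is example code written for this page, not the patent's own implementation, and it rests on assumptions the page does not specify: it uses only the Python standard library, so the symmetric cipher and the public/private key wrapping that the patent names (AES, RSA) are both stood in for by an HMAC-SHA256 counter-mode keystream; identity certificates are reduced to user ids registered with the security management center; a token is simply the sorted tuple of ciphertext offsets at which interference blocks of BLOCK_LEN bytes are inserted; and the users alice and bob, the document doc1 and its access control list are constructed sample data.

```python
import hashlib, hmac, secrets

BLOCK_LEN = 8   # constructed token rule: a token is the sorted tuple of insertion offsets, blocks are BLOCK_LEN bytes

def new_token(ct_len, n_blocks=6):
    return tuple(sorted(secrets.randbelow(ct_len + 1) for _ in range(n_blocks)))

def insert_interference(ct, token):
    # Cloud side: splice a fresh random block in at every offset the token records
    out, prev = bytearray(), 0
    for pos in token:
        out += ct[prev:pos] + secrets.token_bytes(BLOCK_LEN)
        prev = pos
    return bytes(out + ct[prev:])

def remove_interference(data, token):
    # Client side: block i of the scrambled data starts at token[i] + i * BLOCK_LEN
    out, prev = bytearray(), 0
    for i, pos in enumerate(token):
        start = pos + i * BLOCK_LEN
        out += data[prev:start]
        prev = start + BLOCK_LEN
    return bytes(out + data[prev:])

def stream_xor(key, nonce, data):
    # HMAC-SHA256 counter-mode keystream: stdlib stand-in for AES and for RSA key wrapping (assumption)
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class SecurityManagementCenter:
    def __init__(self, users):
        self.users, self.revoked, self.keys = set(users), {}, {}   # keys: data_id -> wrapping key
    def encryption_key(self, user, data_id):              # step (3): unknown or revoked user -> refused
        if user not in self.users or user in self.revoked.get(data_id, ()):
            return None
        return self.keys.setdefault(data_id, secrets.token_bytes(32))
    def key_and_token(self, user, data_id, tail_token):    # step (8): decryption key plus chain-tail token
        return None if user in self.revoked.get(data_id, ()) else (self.keys[data_id], tail_token)
    def revoke(self, requester, data_id, target, cloud):   # steps (12)-(13)
        if requester not in self.users:
            return "certificate error"
        if target in self.revoked.setdefault(data_id, set()):
            return "already in revocation list"
        self.revoked[data_id].add(target)
        cloud.rescramble(data_id)                          # step (14), performed immediately
        return "revoked"

class CloudStorage:
    def __init__(self, smc, acl):                          # acl: data_id -> {user: "rw"} (constructed)
        self.smc, self.acl, self.store, self.chains = smc, acl, {}, {}
    def allowed(self, user, data_id, perm):
        return user in self.smc.users and perm in self.acl.get(data_id, {}).get(user, "")
    def _scramble(self, data_id, ct, ct_key, nonce):       # new chain-tail token, then insert the blocks
        tok = new_token(len(ct))
        self.chains.setdefault(data_id, []).append(tok)
        self.store[data_id] = (insert_interference(ct, tok), ct_key, nonce)
    def write(self, user, data_id, packet):                # step (5)
        if not self.allowed(user, data_id, "w"):
            return "write refused"
        self._scramble(data_id, *packet)
        return "write ok"
    def read(self, user, data_id):                         # step (7): data to the client, key request to the SMC
        if data_id not in self.store or not self.allowed(user, data_id, "r"):
            return None
        return self.store[data_id], self.smc.key_and_token(user, data_id, self.chains[data_id][-1])
    def rescramble(self, data_id):                         # step (14): strip the old blocks, re-scramble
        scrambled, ct_key, nonce = self.store[data_id]
        self._scramble(data_id, remove_interference(scrambled, self.chains[data_id][-1]), ct_key, nonce)

def client_write(user, smc, cloud, data_id, plaintext):    # steps (2)-(4)
    wrap_key = smc.encryption_key(user, data_id)
    if wrap_key is None:
        return "key request refused"
    sym_key, nonce = secrets.token_bytes(32), secrets.token_bytes(8)
    ct_key = stream_xor(wrap_key, b"wrap" + nonce, sym_key)   # the ciphertext key
    return cloud.write(user, data_id, (stream_xor(sym_key, nonce, plaintext), ct_key, nonce))

def client_read(user, smc, cloud, data_id, cached=None):   # steps (6)-(10)
    reply = cloud.read(user, data_id)
    if reply is None:
        return None
    (scrambled, ct_key, nonce), smc_reply = reply
    if smc_reply is None and cached is None:
        return None                                        # SMC refused: denial of service
    wrap_key, token = smc_reply or cached                  # cached: key and token kept from an earlier read
    sym_key = stream_xor(wrap_key, b"wrap" + nonce, ct_key)
    return stream_xor(sym_key, nonce, remove_interference(scrambled, token)), (wrap_key, token)

def demo():   # constructed scenario: alice owns doc1, bob may read it, then alice revokes bob
    smc = SecurityManagementCenter(users={"alice", "bob"})
    cloud = CloudStorage(smc, acl={"doc1": {"alice": "rw", "bob": "r"}})
    client_write("alice", smc, cloud, "doc1", b"quarterly figures for the board, internal only")
    before, bob_cache = client_read("bob", smc, cloud, "doc1")
    status = smc.revoke("alice", "doc1", "bob", cloud)
    refused = client_read("bob", smc, cloud, "doc1")                     # SMC withholds key and token
    stale, _ = client_read("bob", smc, cloud, "doc1", cached=bob_cache)  # old key + old token
    still_ok, _ = client_read("alice", smc, cloud, "doc1")
    return before, status, refused, stale, still_ok, len(cloud.chains["doc1"])
```

`demo()` exercises the three claims of the method: after revocation bob is refused the key and token, the key and token he kept from before revocation no longer recover the ciphertext because the chain-tail token has changed, and alice is unaffected. Note that the cloud still serves bob the scrambled bytes, since he remains on its access control list (the situation the background section warns about), and that the wrapping key itself never changes: only the token chain and the interference blocks do, which is why no re-encryption is needed.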

Preferably, the encryption key request includes the user identity certificate and the ID of the data of the write data request; the write data request includes the user identity certificate, the packed ciphertext data, the ciphertext key and the metadata of the data of the write data request; the read data request includes the user identity certificate and the ID of the data of the read data request; and the user permission revocation request includes the user identity certificate, the ID of the data of the user permission revocation request and the ID of the user whose permission is to be revoked.

Preferably, step (3) includes the following sub-steps:

(3-1) The security management center determines from the user identity certificate in the encryption key request whether the user is legitimate; if so it proceeds to step (3-2), otherwise it returns a request failure message to the user and the process ends;

(3-2) The security management center checks whether the user is in the permission revocation list of the data of the write data request; if so it returns a request failure message to the user, otherwise it proceeds to step (3-3); if no permission revocation list exists for the data, the user is treated as not being in it;

(3-3) The security management center checks whether the encryption key of that data can be found in its local key store; if it is found, it proceeds to step (3-4), otherwise to step (3-5);

(3-4) The security management center returns the encryption key it found to the client and proceeds to step (4);

(3-5) The security management center randomly generates and stores an encryption key for that data using a public/private key encryption mechanism, returns the generated encryption key to the client and proceeds to step (4).

Preferably, the method further includes the step: after receiving the encryption key from the security management center, the client sends an acknowledgement of correct receipt to the security management center.

Preferably, step (5) includes the following sub-steps:

(5-1) The cloud storage side receives the write data request from the client and verifies the user identity certificate to determine whether the user is legitimate; if not, it returns a user identity certificate error message and the process ends; if so, it proceeds to step (5-2);

(5-2) The cloud storage side checks whether the user has write access to the data of the write data request; if not, it returns a message that the user has no write access and the process ends; if so, it proceeds to step (5-3);

(5-3) The cloud storage side randomly generates a token, makes it the chain-tail token of the token chain of the data in the write data request, randomly generates interference blocks, inserts them into the ciphertext data according to the rules specified in the token, stores the resulting data and returns a write success message to the client.

Preferably, step (7) includes the following sub-steps:

(7-1) The cloud storage side determines from the user identity certificate in the client's read data request whether the user is legitimate; if so it proceeds to step (7-2), otherwise it returns a user identity certificate error message to the client and the process ends;

(7-2) The cloud storage side checks whether the data of the read data request exists; if so it proceeds to step (7-3), otherwise it returns a message to the client that the requested data does not exist and the process ends;

(7-3) The cloud storage side checks whether the user has read access to the data; if so, it returns the data to the client, looks up the chain-tail token of the data's token chain and sends a key request to the security management center containing the data ID, the chain-tail token and the user identity certificate; otherwise it returns a message to the client that the user has no read access.

In general, compared with the prior art, the technical scheme conceived above achieves the following beneficial effects:

(1) User permissions can be revoked immediately, avoiding the security risks that revocation may otherwise introduce. In a non-immediate revocation mechanism, a revoked user can still access the data, and even maliciously write dirty data, because the user still satisfies the access control conditions; secondly, the uncertainty of the revocation time creates a security hole in the system; moreover, a non-immediate mechanism cannot solve the problem of re-encrypting read-only data;

(2) In traditional permission revocation mechanisms a re-encryption operation is unavoidable, in order to invalidate the revoked user's old key and prevent that user from decrypting the ciphertext with it to obtain the latest data. The interference block method proposed here only needs to re-insert interference blocks into the ciphertext stored in the cloud according to the rules specified in a freshly generated random token; because the revoked user cannot obtain the latest token, the old key alone cannot decrypt the data. Since encryption algorithms are a performance bottleneck, re-encryption often brings a very large performance overhead, whereas the present invention re-scrambles the ciphertext instead, avoids the re-encryption problem during revocation and greatly reduces the system's performance overhead;

(3) The invention fully supports write data requests. The only difference between the write data request of this invention and the common write data flow is one additional step when the cloud storage side stores the data: inserting interference blocks into the uploaded data using the token. Likewise, the invention supports the user's other data access requests, such as delete, move and rename;

(4) The invention is widely applicable and is not limited to cloud environment systems. Because neither the token generation rules nor the scrambling of ciphertext data is inherently tied to a cloud storage system, the invention applies to any system in which user permissions are revoked.

Description of the drawings

Fig. 1 is a schematic flow chart of the invention.

Fig. 2 is a schematic diagram of the client process.

Fig. 3 is a schematic diagram of the cloud storage side process.

Fig. 4 is a schematic diagram of the token structure.

Fig. 5 is a schematic diagram of the token chain structure.

Fig. 6 is a schematic diagram of the interference block structure.

Fig. 7 is a schematic diagram of the scrambling of ciphertext data.

Fig. 8 is a schematic diagram of the security management center process.

Fig. 9 is a sequence diagram of user login and read access.

Fig. 10 is a sequence diagram of user login and write access.

Fig. 11 is a sequence diagram of user login and user permission revocation.

Detailed description of the embodiments

To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in further detail below in conjunction with the drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the invention, not to limit it. Furthermore, the technical features of the various embodiments described below may be combined with each other as long as they do not conflict.

The technical terms used in the invention are first explained:

Original file: an unencrypted file;

Identity certificate: a data structure characterising a user's identity, used to verify the user's identity and, in access control, to decide whether the user has access rights;

Symmetric cryptographic mechanism: encryption and decryption use the same key, and decryption is the inverse operation of encryption;

Symmetric key: randomly generated binary data used to encrypt or decrypt the original file;

Encrypted file: the file obtained by encrypting the original file with the symmetric key under the symmetric cryptographic mechanism;

Integrity check key: randomly generated binary data used, together with the hash function, to protect the encrypted file;

Signature file: the binary data obtained by applying a hash function to the encrypted file under the integrity check key;

Permission revocation list: records the identifiers of the users whose permissions have been revoked;

Interference block: a block of binary data of configurable length;

Token: a data structure recording the basic information of all interference blocks inserted into the encrypted file, used to insert interference blocks into, or remove them from, the encrypted file;

Token chain: a chain structure made up of tokens, in which a later token in the chain can derive the earlier tokens, while an earlier token cannot derive the later ones.

The invention is further described below in conjunction with embodiments and the drawings.

As shown in Fig. 1, the invention comprises a client process, a cloud storage system process and a security management center process, which run respectively on the client host, the authentication host and the cloud storage system host of the distributed file system. The three modules operate together. The client issues the various access operation requests, including logging in to the system, read access requests, write data uploads and user permission revocation. On the client side, a read access first uses the token received from the security management center to remove the interference blocks from the data returned by the cloud storage system, recovering the ciphertext, and then decrypts it with the key to obtain the original data; a write access encrypts the data and uploads the ciphertext. The cloud storage system maintains and updates the token chain, asks the security management center to distribute keys and tokens, inserts interference blocks into the ciphertext, and evaluates and answers user access requests. The security management center handles user registration and login, permission granting and revocation, key management and distribution, and distribution of user tokens.

The invention uses a token chain mechanism to scramble the ciphertext data uploaded by the user. Therefore, even if a user holds the decryption key, the user cannot recover the ciphertext data without the corresponding token and so cannot decrypt it to obtain the original data; this avoids the re-encryption that would otherwise be necessary when user permissions are revoked.

A token is a data structure containing the rules for generating interference blocks and inserting them into the ciphertext. The cloud side uses the token to scramble the ciphertext; the user uses the token to remove the interference blocks from the scrambled data and thereby recover the ciphertext data. A token chain is a chain structure made up of tokens in which a later token can derive the earlier tokens, while an earlier token cannot derive the later ones. The chain-tail token is the key token with which the cloud side scrambles the ciphertext data, and it is also the token with which the user removes the interference blocks. When a user's permission is revoked, it is only necessary to generate a new chain-tail token on the token chain and re-scramble the ciphertext data with it, and the user's permission is revoked immediately.
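The token chain property described above (a later token derives the earlier ones, never the reverse), together with a token that fixes the interference rule, as an added Python example that is not the patent's code. It assumes one concrete realisation that the page does not spell out: the chain is precomputed backwards from a random seed with SHA-256 and released one element at a time, so that each revocation hands out the next element as the new chain-tail token, and the interference rule is expanded from the token by hashing it with a counter. The token length, the number of blocks and the derive-by-hashing construction are all assumptions made here.

```python
import hashlib
import secrets

def build_chain(length, seed=None):
    # Precompute backwards from a random seed so that chain[i] == H(chain[i + 1]) (constructed realisation)
    seed = seed if seed is not None else secrets.token_bytes(32)
    chain = [seed]
    for _ in range(length - 1):
        chain.append(hashlib.sha256(chain[-1]).digest())
    chain.reverse()          # chain[0] is released first, the seed last
    return chain

def derive_previous(token):
    # Anyone holding a token can walk towards the head of the chain by hashing
    return hashlib.sha256(token).digest()

def derives(later, earlier, max_steps):
    # True iff `earlier` is reachable from `later` by at most max_steps hash applications
    t = later
    for _ in range(max_steps):
        t = derive_previous(t)
        if t == earlier:
            return True
    return False

def interference_rule(token, ct_len, n_blocks=4, block_len=16):
    # Expand a token into its rule: where the interference blocks go and how long they are
    positions = []
    for i in range(n_blocks):
        digest = hashlib.sha256(token + i.to_bytes(2, "big")).digest()
        positions.append(int.from_bytes(digest[:4], "big") % (ct_len + 1))
    return tuple(sorted(positions)), block_len

class TokenChain:
    def __init__(self, length=8):
        self._chain = build_chain(length)
        self.released = 1     # tokens handed out so far; the last one is the chain tail

    @property
    def tail(self):
        return self._chain[self.released - 1]

    def advance(self):
        # Revocation: the next precomputed element becomes the new chain-tail token
        if self.released == len(self._chain):
            raise RuntimeError("token chain exhausted; build a fresh chain and re-scramble")
        self.released += 1
        return self.tail

def demo():
    chain = TokenChain(length=4)
    old, new = chain.tail, chain.advance()
    # (new derives old, old derives new, rule fixed by the new token)
    return derive_previous(new) == old, derives(old, new, 4), interference_rule(new, 64)
```

Holders of the new chain-tail token can reconstruct every earlier token (and so every earlier rule), which matches the page's statement that later tokens derive earlier ones; a revoked user holding only an old token cannot move forward, because that would require inverting the hash. Under this realisation the chain is finite, so `advance()` raises once the seed has been released and a fresh chain must be built and the ciphertext re-scrambled under its first token.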

As shown in Fig. 1, the method for revoking user access rights in a cloud storage environment according to the invention comprises the following steps:

(1) The client receives a data operation request from the user and determines its type: a write data request, a read data request or a permission operation request. For a write data request it proceeds to step (2), for a read data request to step (13), and for a permission operation request to step (20);

(2) The client randomly generates a symmetric key for encrypting the data of the write data request and submits an encryption key request to the security management center; the request includes the user identity certificate and the ID of the data of the write data request. Specifically, this step generates the key for a symmetric encryption algorithm such as the Advanced Encryption Standard (AES);

(3) The security management center determines from the user identity certificate in the encryption key request whether the user is legitimate; if so it proceeds to step (4), otherwise it returns a request failure message to the user and the process ends;

(4) The security management center checks whether the user is in the permission revocation list of the data of the write data request; if so it returns a request failure message to the user, otherwise it proceeds to step (5); if no permission revocation list exists for the data, the user is treated as not being in it;

(5) The security management center checks whether the encryption key of that data can be found in its local key store; if it is found, it proceeds to step (6), otherwise to step (7);

(6) The security management center returns the encryption key it found to the client and proceeds to step (8);

(7) The security management center randomly generates and stores an encryption key for that data using a public/private key encryption mechanism, returns the generated encryption key to the client and proceeds to step (8); specifically, the encryption key is generated with an asymmetric encryption mechanism such as the RSA algorithm;

(8) After receiving the encryption key from the security management center, the client sends an acknowledgement of correct receipt to the security management center and proceeds to step (9);

(9) The client encrypts the data of the write data request with the symmetric key generated in step (2) using a symmetric encryption algorithm to obtain the ciphertext data, then encrypts the symmetric key generated in step (2) with the encryption key received in step (8) using a public/private key encryption algorithm to obtain the ciphertext key, packs the ciphertext data and the ciphertext key into a ciphertext data packet and sends a write data request to the cloud storage side. Specifically, the write data request includes the user identity certificate, the packed ciphertext data, the ciphertext key, the metadata of the data of the write data request, and so on;

(10) The cloud storage side receives the write data request from the client and verifies the user identity certificate to determine whether the user is legitimate; if not, it returns a user identity certificate error message and the process ends; if so, it proceeds to step (11);

(11) The cloud storage side checks whether the user has write access to the data of the write data request; if not, it returns a message that the user has no write access and the process ends; if so, it proceeds to step (12);

Specifically, the permission check depends mainly on the access control policy adopted by the cloud storage side. For example, an identity-based access control policy grants permissions by means of an access control list: if the user is in the access control list the user has read access, otherwise the user does not;

(12) The cloud storage side randomly generates a token, makes it the chain-tail token of the token chain of the data in the write data request, randomly generates interference blocks, inserts them into the ciphertext data obtained in step (9) according to the rules specified in the token, stores the resulting data and returns a write success message to the client. Specifically, if no token chain exists yet, a new empty token chain is created and the randomly generated token becomes its first token;

The process by which the cloud storage side evaluates and stores the data uploaded by the user is further explained below with an example:

设用户写数据请求对应的数据为Data,并假设用户拥有合法的访问权限,则云存储端首先是判断Data是否已经存在,即判断用户是写数据还是新上传数据,其中写数据由于令牌链已经存在,直接获得链尾令牌token即可;新上传数据则随机生成一个新的令牌token,并将其作为该数据对应的令牌链的第一个令牌;Assuming that the data corresponding to the user's write data request is Data, and assuming that the user has legal access rights, the cloud storage terminal first judges whether Data already exists, that is, judges whether the user is writing data or newly uploading data. If it already exists, you can directly obtain the token at the end of the chain; for newly uploaded data, a new token token will be randomly generated and used as the first token of the token chain corresponding to the data;

按照token制定原则,生成如图6的干扰块,并将干扰块插入用户上传数据,得到如图7所示的置入干扰块后的数据Data’并保存;According to the principle of token formulation, an interference block as shown in Figure 6 is generated, and the interference block is inserted into the data uploaded by the user, and the data Data' inserted into the interference block as shown in Figure 7 is obtained and saved;

(13) The client sends a read request to the cloud storage end; the read request includes the user identity certificate and the ID of the requested data;

(14) The cloud storage end checks the user identity certificate in the read request to determine whether the user is legitimate. If so, it proceeds to step (16); otherwise it returns a certificate error message to the client and the process ends;

(15) The cloud storage end checks whether the requested data exists. If so, it proceeds to step (16); otherwise it returns a data-not-found message to the client and the process ends;

(16) The cloud storage end checks whether the user has read access to the data. If so, it returns the data to the client, looks up the tail token of the data's token chain and sends a key request to the security management center; the request includes the data ID, the tail token and the user identity certificate. Otherwise it returns a no-read-access message to the client;

Specifically, the permission check depends on the access control policy used by the cloud storage end. For example, an identity-based policy grants permissions through an access control list: if the user is in the list, the user has read access; otherwise the user does not. The data returned to the client includes the requested data and the ciphertext key corresponding to it.

(17) Using the key request, the security management center checks whether the user is in the permission revocation list for the requested data. If not (a missing revocation list also means the user is not in it), it looks up the decryption key for the requested data, returns the decryption key and the token to the client and proceeds to step (18). If the user is in the list, it returns a denial-of-service message to the client and the process ends.

(18) The client waits for and receives the responses from the cloud storage end and the security management center. If the cloud storage end returned the requested data and the security management center returned the decryption key and token, proceed to step (19); otherwise the user is not entitled to read the requested data and the process ends;

(19) The client first processes the data returned in step (16) with the token returned in step (17), removing the interference blocks to obtain the ciphertext data. It then decrypts the ciphertext key returned in step (16) with the decryption key from step (17) to recover the symmetric key, and decrypts the ciphertext data with the symmetric key to obtain the original data the user requested;

The processing carried out after the responses from the cloud storage end and the security management center have been received is further explained with an embodiment:

The user receives from the cloud the ciphertext data Data, the ciphertext key Enc(K_AES) and its metadata, and from the security management center the decryption key K_S and the token;

First, the user removes the interference blocks from Data according to the insertion rule specified in the token, obtaining the block-free data Data' as in Figure 7; removing the blocks is the inverse of inserting them. The user decrypts Enc(K_AES) with K_S to obtain the symmetric key K_AES; these two steps can run in parallel. The user then decrypts Data' with K_AES to obtain the requested original data.

(20) The client sends a user permission revocation request to the security management center; the request includes the user identity certificate, the ID of the data concerned and the ID of the user whose permission is to be revoked;

(21) The security management center verifies the user identity certificate in the revocation request to determine whether the user is legitimate. If so, it proceeds to step (22); otherwise it returns a certificate error message to the client and the process ends.

(22) The security management center checks whether the user to be revoked is already in the revocation list for the data ID in the request. If the user is not in the list, it inserts the user ID into the list, sends a permission revocation request (containing the data ID and the revoked user ID) to the cloud storage end, returns a revocation-success message to the client and proceeds to step (23). If the user is already in the list, it returns a message to the client that the user is already in the revocation list. If no revocation list exists, a new one is created; how it is created depends on the access control policy the system uses (for identity-based access control, an access control list (ACL) is used), after which processing continues as for a user not in the list;

(23) The cloud storage end looks up the token chain for the data ID in the revocation request and obtains its tail token;

(24) The cloud storage end uses the tail token obtained in step (23) to remove the interference blocks from the data for that data ID, recovering the undisturbed ciphertext. It then randomly generates a new token according to the token generation rule, appends it to the token chain as the new tail token, randomly generates interference blocks and inserts them into the recovered ciphertext according to the rules in the new token, saves the newly disturbed data and returns a revocation-success message to the client.

Specifically, Figure 2 shows the client process, Figure 3 the cloud storage process and Figure 8 the security management center process; the three processes cooperate to complete the user's operation request, and the overall flow is shown in Figure 1. Steps (13) to (19) correspond to the read request, whose sequence diagram is Figure 9; steps (2) to (12) correspond to the write request, whose sequence diagram is Figure 10; steps (20) to (24) correspond to the permission revocation request, whose sequence diagram is Figure 11.

Figures 4 to 7 show the data structures of the token and the token chain and the rules for using tokens and interference blocks. For steps (12) and (24), the invention constructs the token chain with a pseudo-random algorithm, so token generation is unpredictable. The token-based data processing in steps (12), (19) and (24) relies mainly on the data structure the token defines; Figures 6 and 7 show the process of processing data according to the token.

Those skilled in the art will readily understand that the above is only a preferred embodiment of the invention and is not intended to limit it; any modification, equivalent substitution or improvement made within the spirit and principles of the invention falls within its scope of protection.
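As an added example, not code from the patent, the following Python simulation models the token chain, the interference-block insertion and removal of steps (12), (19) and (24), the revocation-list check of steps (17) and (22), and the immediate token rotation of steps (23) and (24). The token layout (a random seed plus block length and maximum run length), the HMAC-derived run lengths and all class and function names are assumptions, since the page does not reproduce Figures 4 to 7; the AES/RSA envelope is left out and the ciphertext is treated as opaque bytes.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Token:
    """Assumed layout (the patent defers it to Figures 4 to 7): a random seed plus
    the block length and maximum run length that fix where interference blocks sit."""
    seed: bytes
    block_len: int
    max_run: int

def new_token(block_len: int = 8, max_run: int = 16) -> Token:
    """Steps (12)/(24): an unpredictable token from a CSPRNG seed."""
    return Token(secrets.token_bytes(16), block_len, max_run)

def _run_len(token: Token, k: int) -> int:
    """Length of the k-th ciphertext run between blocks, keyed by the token seed."""
    mac = hmac.new(token.seed, k.to_bytes(4, "big"), hashlib.sha256).digest()
    return 1 + mac[0] % token.max_run

def insert_interference(ciphertext: bytes, token: Token) -> bytes:
    """Layout [block][run0][block][run1]...: random blocks between ciphertext runs."""
    out, i, k = bytearray(), 0, 0
    while i < len(ciphertext):
        out += secrets.token_bytes(token.block_len)   # random interference block
        run = _run_len(token, k)
        out += ciphertext[i:i + run]
        i, k = i + run, k + 1
    return bytes(out)

def remove_interference(data: bytes, token: Token) -> bytes:
    """Step (19): inverse walk with the same token; the last run may be short."""
    out, i, k = bytearray(), 0, 0
    while i < len(data):
        i += token.block_len                          # skip the interference block
        run = _run_len(token, k)
        out += data[i:i + run]                        # keep the ciphertext run
        i, k = i + run, k + 1
    return bytes(out)

class CloudStorage:
    """Cloud storage end: ACL check, token chain per data ID, interference handling."""
    def __init__(self) -> None:
        self.acl: dict[str, set[str]] = {}           # data_id -> users with access
        self.chains: dict[str, list[Token]] = {}     # data_id -> token chain
        self.stored: dict[str, bytes] = {}           # data_id -> disturbed data

    def write(self, user: str, data_id: str, ciphertext: bytes) -> None:
        """Step (12): append a fresh tail token (the first token if the chain is new)."""
        if user not in self.acl.get(data_id, set()):
            raise PermissionError("no write access")
        token = new_token()
        self.chains.setdefault(data_id, []).append(token)
        self.stored[data_id] = insert_interference(ciphertext, token)

    def read(self, user: str, data_id: str) -> tuple[bytes, Token]:
        """Step (16): disturbed data plus the tail token that goes into the key request."""
        if user not in self.acl.get(data_id, set()):
            raise PermissionError("no read access")
        return self.stored[data_id], self.chains[data_id][-1]

    def revoke(self, data_id: str) -> None:
        """Steps (23)-(24): strip with the old tail token, append a new one and
        re-disturb immediately; the ciphertext itself is never re-encrypted."""
        ciphertext = remove_interference(self.stored[data_id], self.chains[data_id][-1])
        token = new_token()
        self.chains[data_id].append(token)
        self.stored[data_id] = insert_interference(ciphertext, token)

class SecurityCenter:
    """Security management center: revocation lists and token release."""
    def __init__(self, cloud: CloudStorage) -> None:
        self.cloud = cloud
        self.revoked: dict[str, set[str]] = {}       # data_id -> revoked users

    def revoke(self, data_id: str, user: str) -> bool:
        """Step (22): record the user, then have the cloud rotate the token at once."""
        revoked = self.revoked.setdefault(data_id, set())
        if user in revoked:
            return False                             # already in the revocation list
        revoked.add(user)
        self.cloud.revoke(data_id)
        return True

    def key_request(self, user: str, data_id: str, tail: Token) -> Token | None:
        """Step (17): refuse revoked users, else release the token (envelope key omitted)."""
        return None if user in self.revoked.get(data_id, set()) else tail

def client_read(user: str, data_id: str, cloud: CloudStorage,
                center: SecurityCenter) -> bytes | None:
    """Steps (13)-(19) without the envelope: undisturbed ciphertext, or None if refused."""
    disturbed, tail = cloud.read(user, data_id)
    token = center.key_request(user, data_id, tail)
    return None if token is None else remove_interference(disturbed, token)
```

A revoked user still passes the cloud's ACL in this model, exactly as in the patent, but the security management center withholds the token and the stored data has already been re-disturbed with a new tail token, so a token cached before revocation no longer recovers the ciphertext.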

Claims (6)

1. A method for revoking user access rights in a cloud storage environment, characterised in that it comprises the following steps:

(1) The client receives a data operation request from the user and determines its type: a write request, a read request or a permission operation request. For a write request it proceeds to step (2), for a read request to step (6), and for a permission operation request to step (11);

(2) The client randomly generates a symmetric key for encrypting the data of the write request and submits an encryption key request to the security management center;

(3) The security management center determines the user's legitimacy from the encryption key request and checks whether the legitimate user is in the permission revocation list for the data of the write request; if not, it obtains the encryption key for that data and returns it to the client;

(4) The client encrypts the data of the write request with the symmetric key generated in step (2), using a symmetric encryption algorithm, to obtain the ciphertext data; encrypts the generated symmetric key with the received encryption key, using the public/private key algorithm, to obtain the ciphertext key; packs the ciphertext data and the ciphertext key into a ciphertext packet; and sends a write request to the cloud storage end;

(5) The cloud storage end receives the write request from the client, determines the user's legitimacy from it and, when the legitimate user holds write access to the data of the write request, randomly generates a token, makes it the tail token of the token chain for the data in the write request, randomly generates interference blocks, inserts them into the ciphertext data according to the rules specified in the token and saves the resulting data;

(6) The client sends a read request to the cloud storage end;

(7) The cloud storage end determines the user's legitimacy from the user identity certificate in the read request and, when the legitimate user holds read access to the data, returns the data to the client, looks up the tail token of the data's token chain and sends a key request to the security management center;

(8) Using the key request, the security management center checks whether the user is in the permission revocation list for the requested data. If not, it looks up the decryption key for the requested data, returns the decryption key and the token to the client and proceeds to step (9); if so, it returns a denial-of-service message to the client and the process ends;

(9) The client waits for and receives the responses from the cloud storage end and the security management center. If the cloud storage end returned the requested data and the security management center returned the decryption key and token, it proceeds to step (10); otherwise the process ends;

(10) The client processes the returned data with the returned token to remove the interference blocks and obtain the ciphertext data, decrypts the ciphertext key in the returned data with the returned decryption key to obtain the symmetric key, and decrypts the ciphertext data with the symmetric key to obtain the original data the user requested;

(11) The client sends a user permission revocation request to the security management center;

(12) The security management center verifies the user identity certificate in the revocation request to determine whether the user is legitimate. If so, it proceeds to step (13); otherwise it returns a certificate error message to the client and the process ends;

(13) The security management center checks whether the user to be revoked is in the revocation list for the data ID in the revocation request. If the user is not in the list, it inserts the user ID into the list, sends a permission revocation request to the cloud storage end, returns a revocation-success message to the client and proceeds to step (14); if the user is already in the list, it returns a message to the client that the user is already in the revocation list;

(14) The cloud storage end looks up the token chain for the data ID in the revocation request and obtains its tail token, uses that tail token to remove the interference blocks from the data for that data ID to obtain the undisturbed ciphertext, randomly generates a new token according to the token generation rule, appends it to the token chain as the new tail token, randomly generates interference blocks, inserts them into the recovered ciphertext according to the rules in the new token, saves the newly disturbed data and returns a revocation-success message to the client.

2. The method for revoking user access rights according to claim 1, characterised in that: the encryption key request includes the user identity certificate and the ID of the data of the write request; the write request includes the user identity certificate, the packed ciphertext data, the ciphertext key and the metadata of the data of the write request; the read request includes the user identity certificate and the ID of the requested data; and the user permission revocation request includes the user identity certificate, the ID of the data concerned and the ID of the user whose permission is revoked.

3. The method for revoking user access rights according to claim 1, characterised in that step (3) comprises the following sub-steps:

(3-1) The security management center checks the user identity certificate in the encryption key request to determine whether the user is legitimate. If so, it proceeds to step (3-2); otherwise it returns a request-failure message to the user and the process ends;

(3-2) The security management center checks whether the user is in the permission revocation list for the data of the write request. If so, it returns a request-failure message to the user; otherwise it proceeds to step (3-3). If no revocation list exists, the user is treated as not being in it;

(3-3) The security management center looks up whether an encryption key for the data can be found in its local key store. If found, it proceeds to step (3-4); otherwise to step (3-5);

(3-4) The security management center returns the encryption key it found to the client, then proceeds to step (4);

(3-5) The security management center randomly generates an encryption key for the data using a public/private key mechanism, saves it, returns the generated key to the client and proceeds to step (4).

4. The method for revoking user access rights according to claim 1, characterised in that it further comprises the step: after receiving the encryption key from the security management center, the client sends an acknowledgement of correct receipt to the security management center.

5. The method for revoking user access rights according to claim 1, characterised in that step (5) comprises the following sub-steps:

(5-1) The cloud storage end receives the write request from the client and verifies the user identity certificate to determine whether the user is legitimate. If not, it returns a certificate error message and the process ends; if so, it proceeds to step (5-2);

(5-2) The cloud storage end checks whether the user has write access to the data of the write request. If not, it returns a no-write-access message and the process ends; if so, it proceeds to step (5-3);

(5-3) The cloud storage end randomly generates a token, makes it the tail token of the token chain for the data in the write request, randomly generates interference blocks, inserts them into the ciphertext data according to the rules specified in the token, saves the resulting data and returns a write-success message to the client.

6. The method for revoking user access rights according to claim 1, characterised in that step (7) comprises the following sub-steps:

(7-1) The cloud storage end checks the user identity certificate in the read request to determine whether the user is legitimate. If so, it proceeds to step (7-2); otherwise it returns a certificate error message to the client and the process ends;

(7-2) The cloud storage end checks whether the requested data exists. If so, it proceeds to step (7-3); otherwise it returns a data-not-found message to the client and the process ends;

(7-3) The cloud storage end checks whether the user has read access to the data. If so, it returns the data to the client, looks up the tail token of the data's token chain and sends a key request to the security management center; the request includes the data ID, the tail token and the user identity certificate. Otherwise it returns a no-read-access message to the client.
CN201410213922.0A 2014-05-19 2014-05-19 User access right revoking method in cloud storage environment Active CN103973698B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410213922.0A CN103973698B (en) 2014-05-19 2014-05-19 User access right revoking method in cloud storage environment


Publications (2)

Publication Number Publication Date
CN103973698A true CN103973698A (en) 2014-08-06
CN103973698B CN103973698B (en) 2017-01-25
