CN105721146B - A kind of big data sharing method towards cloud storage based on SMC - Google Patents

A kind of big data sharing method towards cloud storage based on SMC Download PDF

Info

Publication number
CN105721146B
CN105721146B CN201610121114.0A CN201610121114A CN105721146B CN 105721146 B CN105721146 B CN 105721146B CN 201610121114 A CN201610121114 A CN 201610121114A CN 105721146 B CN105721146 B CN 105721146B
Authority
CN
China
Prior art keywords
user
key
csp
sub
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610121114.0A
Other languages
Chinese (zh)
Other versions
CN105721146A (en
Inventor
王良民
周游
汤金娥
杨桢栋
潘森杉
邬海琴
姜涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
JIANGSU ZHUOYI INFORMATION TECHNOLOGY Co.,Ltd.
Original Assignee
Jiangsu University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu University filed Critical Jiangsu University
Priority to CN201610121114.0A priority Critical patent/CN105721146B/en
Publication of CN105721146A publication Critical patent/CN105721146A/en
Application granted granted Critical
Publication of CN105721146B publication Critical patent/CN105721146B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes

Abstract

The present invention discloses a kind of big data sharing method towards cloud storage based on SMC, including with the next stage: (1) initializing, which includes encryption and upload, the AA initialization and three processes of user's registration of the complete paired data of DO;(2) secret division, the stage allow DO by key κiIt is divided intoWithIt is taken care of respectively by AA (temporary), DO, CSP;(3) it inquires, system allows User to send inquiry request to CSP, and after AA verifies user property, AA is sentTo User, then CSP send ciphertext data andTo User, last User restores key κiAnd decrypt ciphertext.The present invention can either allow User directly to obtain shared data from the end CSP, and dramatically mitigate DO in the workload of data sharing process;Method can also verify the attribute of User, to ensure that legal User could obtain data.

Description

A kind of big data sharing method towards cloud storage based on SMC
Technical field
The present invention relates to cloud storage technologies, and in particular to a kind of big data sharing method towards cloud storage based on SMC.
Background technique
With bringing for big data era, explosive growth is being presented in data.For personal or enterprise, deposit Storage, the limited PC of calculated performance, mobile phone or enterprise's private services device are no longer satisfied demand.People start to select By big data storage to cloud.
However under cloud environment, data are uploaded to cloud service provider by data owner, in order to guarantee sensitive data Confidentiality, data owner will be uploaded to again cloud service provider after data encryption.Although encryption can guarantee the secret of data Property, but the quality of cloud service is reduced to a certain extent.
Data sharing is a very important function in cloud storage.In order to mitigate the workload of data owner, data Owner allows authorized user directly to download ciphertext data from cloud service provider end, and formulates different solutions for specific user Close scheme.But data owner is necessary for different users and formulates different decryption schemes, and may leakage during this The privacy of data owner.
Confidentiality in order to protect data, prevents incredible CSP from peeping and analyzing data, and DO first will be in data encryption again It is transmitted to CSP.In order to give data sharing to specific user, DO is necessary for each user and formulates special encipherment scheme, then will solution Close encryption key distribution is to user, but the encryption overhead of DO is very big under this scheme.
A kind of ideal scheme, which is that all data are unified, to be encrypted, but distributes different keys for different user, and each User can only decrypt the data of his Internet access.Also known as based on encryption attribute (Attribute-Based Encryption, ABE) Fuzzy Identity based encryption (Fuzzy Identity-Based Encryption), be it is a kind of based on user property plus Close scheme.ABE is there are two important branch: key strategy based on encryption attribute (Key-Policy Attribute-Based Encryption, KP-ABE) and Ciphertext policy based on encryption attribute (Ciphertext-Policy Attribute-Based Encryption, CP-ABE).Either KP-ABE or CP-ABE includes four main process initialization, encryptions, key It generates and decrypts.In key generation process, ABE requires DO to be directed to the different attribute of user, generates for each user different Key, therefore, DO must be always maintained at online in entire data sharing process, and the expense of DO is bigger.
It is proxy re-encryption (ProxyRe- that another kind, which can effectively realize the scheme that big data is shared under cloud environment, Encryption, PRE).We by one simply example introduce her public key PK of PRE:AliceAEncrypt his Photo, and the CSP not exclusively trusted is uploaded to by safe lane.When she go on business not when, she wants his photo The public key for sharing to her good friend Bob, Bob is PKB, but Alice is not desired to again by her private key SKAIt is leaked to Bob.PRE permits Perhaps Alice provides a re-encrypted private key RKA→BTo CSP, CSP can use RKA→BRe-encrypted PKAEncrypted ciphertext, and will Ciphertext is transformed into the private key SK that can use BobBThe ciphertext of decryption, and confidential data will not be exposed in this process and any had Close private key SKAAnd SKBAny information.But in PRE, DO needs to generate different re-encrypted private key RK, DO for different users Communication and computing cost it is larger.
The data of encryption are uploaded to CSP by DO, and the available key ciphertext data of legal user obtains plaintext value.But General data sharing is all integrally to encrypt data, then shares to User, and this way is easy to expose the privacy of DO.For Solution this problem, Cheng-Kang Chu et al. provide data-sharing scheme expansible in a kind of cloud storage (below Abbreviation Key-Aggregate), scheme allows DO to carry out block encryption storage to data.In order to avoid the privacy and volume of exposure DO The encryption key of multiple piecemeals is aggregated into the aggregation key of a fixed size by outer information, Key-Aggregate scheme, hair User is given, had not only protected the privacy of DO in this way, but also reduces the communication overhead between DO and User to a certain extent.? In Key-Aggregate scheme, DO needs to generate different aggregation keys for the different data sharing request of different User, therefore The communication overhead and calculating cost of DO is all bigger.
Summary of the invention
Goal of the invention: it is an object of the invention to solve the deficiencies in the prior art, one kind is provided towards cloud storage Big data sharing method based on SMC, method provided by the invention are built upon on encipherment scheme, are held to the key of encryption Big data secret sharing of the row based on SMC, not only may be implemented privacy sharing, but also can allow DO from the extensive work of data sharing It is detached from.
Technical solution: a kind of big data sharing method towards cloud storage based on SMC of the present invention, successively include with Lower step:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration;
(2) secret division: secret is divided into three parts by (2,3) threshold secret sharing scheme by DO:WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, DO storageWherein, i.e. κi∈ K, 1≤i≤n;
(3) it inquires: User shared data.
Further, the detailed process of the step (1) are as follows:
(1-1) DO with existing Encryption Algorithm (such as SDB and protection encryption etc.) encryption data and uploads ciphertext first To CSP, DO is each key κi∈ K generates Key ID, corresponding Sub-Key IDs and access authority tree T;
User access control table is sent to believable attribute certification authority AA by (1-2) AA initialization, DO, and user accesses control It include Key ID and access authority tree T in tabulation;
(1-3) user's registration allows user UiApplication for registration is sent to CA, CA is each user UiDistribution one unique Identity Uidi, CA is to AA sending attribute logging request, and AA is according to the role or identity of user come distributive property collection SiTo user Ui, and property set is returned into CA, CA generates the Uid comprising user identityiWith property set SiCertificateCA Certificate is sent to user U by exit passagewayi
Further, in the step (2), for κi, the secret division point of participant's set P={ User, CSP, DO } For the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code, and the purpose done so is in order to meet all data types Data;
(2-2) sets t=2, n=3, determines a three-dimensional vector X={ x1,x2,x3, DO is by xiDistribute to pi∈ P, and xi Value be disclosed;
(2-3) DO is randomly chosen a coefficient a1, then three order polynomial Pi(x) it is respectively defined as P1(x)=a1x1+ a0, P2(x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing;DO is each Sub-Key generates a Sub-Key ID at random, and establishes concordance list, and two of them Sub-Key and Sub-Key ID is random CSP and User are distributed in ground, and the Sub Key of User is kept in by AA, and concordance list is sent to CSP by DO.
Further, in the step (3) User shared data detailed process are as follows:
(3-1) user User sends inquiry request Query to CSP;
After (3-2) CSP receives request, it is related to the cipher key sets QK of data for Query, after search index table, will will include κiThe attribute checking request of Key ID and Sub-Key IDs be sent to AA;
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user User, and transmit verification result to CSP;
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDsIt is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property;
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII Code translates into plaintext value.
Further, in the step (3-3), when AA inquires user access control table verifying user property, judge its category Property whether meet corresponding permission access tree T, each key accesses tree T with permission and is associated in user access control table, the root of T Node isSpecific verification step is as follows:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to, ifThenIf Si∈ S, then
(3-3-2) if x is not the leaf node of T, first calculateWherein x ' is the child node of x, 1 is returned and if only if at least kxA child node returns to 1;
(3-3-3) ifSo user User is legal;IfSo user User is illegal.
Further, in the step (3-5), User is receivedWithAfterwards, restore key if meeting threshold value 2 κi
Assuming that vector X={ x1,x2,x3, x1、x2And x3It is randomly generated, such as x1=20, x2=10, x3=30, User holds x1, CSP holds x2, DO holds x3, User holds there are two polynomial valueSo according to the following formula available κiSolution are as follows:
The utility model has the advantages that the present invention can either allow User directly to obtain shared data from the end CSP, and dramatically subtract Workload of the light DO in data sharing process;Method can also verify the attribute of User, can be obtained with ensuring legal User Access evidence.
Detailed description of the invention
Fig. 1 is the schematic diagram of access authority tree T in embodiment;
Fig. 2 is embodiment system architecture diagram;
Fig. 3 is initialization and the secret division phase flow figure of embodiment, wherein step 1-6 is initial phase, step 7-9 is the secret division stage;
Fig. 4 is inquiry phase architecture diagram in embodiment;
Fig. 5 is the flow chart of inquiry phase in embodiment.
Specific embodiment
Technical solution of the present invention is described in detail below, but protection scope of the present invention is not limited to the implementation Example.
Big data sharing method towards cloud storage based on SMC of the invention includes following three phases:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration.
As shown in figure 3, ciphertext with existing Encryption Algorithm encryption data and is uploaded to CSP first by (1-1) DO.DO is every A key κi∈ K generates Key ID, corresponding Sub-Key IDs and access authority tree T.
(1-2) AA initialization.User access control table (UACL) is sent to believable attribute certification authority AA, UACL by DO It is shown in Table 1, UACL contains Key ID and access authority tree T;Wherein, access authority tree T defines the access structure of key. Assuming that key κiAccess authority tree TiAs shown in Figure 1, so user UiAttribute SiIt must satisfy Si={ A } or Si=B, C, D } or Si={ E, F }, could restore κiValue.
(1-3) user's registration.System allows user UiApplication for registration is sent to CA, CA is each user UiDistribution one is only One identity Uidi, CA issues attribute logging request to AA, and AA is according to the role of user
Or identity carrys out distributive property collection SiGive user Ui, and property set is returned into CA, CA is generated comprising user identity UidiWith property set SiCertificateCertificate is sent to user U by exit passageway by CAi
(2) secret division: DO passes through (2,3) threshold secret sharing scheme for secret (i.e. κi∈ K) it is divided into three parts:WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, oneself storageFor κi, ginseng Be divided into the secret division of person's set P={ User, CSP, DO } the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code (the translater coding in Fig. 2).The purpose done so is Meet the data of all data types.
(2-2) sets us and sets t=2, n=3.Determine a three-dimensional vector X={ x1,x2,x3}.DO is by xiDistribute to pi∈ P, and xiValue be disclosed.
(2-3) DO is randomly chosen a coefficient a1.So three order polynomial Pi(x) P can be defined as1(x)= a1x1+a0, P2(x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing.DO is every A Sub-Key generates a Sub-Key ID at random, and establishes concordance list (2) IndexTable is shown in Table, by two of them Sub- Key and Sub-Key ID is randomly assigned to CSP and User (the Sub Key of User is kept in by AA).Concordance list is sent to by DO CSP。
(3) it inquires: the process of User shared data (see Fig. 4).Inquiry phase is divided into following five steps:
(3-1) user User sends inquiry request Query to CSP.
After (3-2) CSP receives request, first analyzes Query and be related to the cipher key sets QK of data, search index table It (IndexTable) will include κ afteriThe attribute checking request of Key ID and Sub-Key IDs be sent to AA.
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user User, and CSP is transmitted verification result to, when AA inquires UACL table verifying user property, judge whether its attribute meets correspondence Permission access tree T.Each key accesses tree T with permission and is associated in UACL, and the root node of T isSpecific verification process It is as follows:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to.IfThenIf Si∈ S, then
(3-3-2) if x is not the leaf node of T, first calculateWherein x ' is the child node of x, 1 is returned and if only if at least kxA child node returns to 1.
(3-3-3) ifSo user User is legal;IfSo user User is illegal.
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDsIt is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property.
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII Code translates into plaintext value (the translater decoding in Fig. 2).The flow chart of inquiry phase is as shown in Figure 5.The process of User decryption is such as Under:
User is received with after, is met threshold value 2, can be restored key κi.Assuming that vector X={ x1=20, x2 =10, x3=30 }, User holds x1, CSP holds x2, DO holds x3.User is held there are two polynomial valueSo according to the following formula available κiSolution are as follows:
The present invention for method secret division and inquiry phase attribute evaluation, additionally provide secret division (SSDA) and Two algorithms of attribute evaluation (AEA).
(1) secret division algorithm (Secret Share Distribution Algorithm, abbreviation SSDA): such as algorithm 1 Shown, the algorithm is using set K as input.Algorithm is by each key κ in set KiIt is divided into 3 Sub-Key:
Algorithm 1 sets the entity number of privacy sharing as 3 first, and the threshold value of secret reconstruction is 2 (line 1-2), then Define a series of variables (line 3-6).Algorithm 1 is each key κi∈ K generates Key ID and Sub-Key an IDs (line 7-11).Then an x is distributed for participant User, CSP and DOi(line 12-14) constitutes a three-dimensional vector X←{x1,x2,x3}(line 15).For each xjEach key κ of ∈ Xi∈ K, algorithm 1 generate a multinomial, and multinomial Formula coefficient is randomly selected (line 16-21).Finally by sub-key corresponding addition set (line 22-26), and will As a result AA and CSP (line27-28) are sent to.Setting hypothesis, there are a cipher key sets K={ κ12345(table 3), after the secret division stage, sub-secret (table 4a, 4b, 4c) is obtained, is held respectively by User, CSP and DO.
Table 3
Table 4a
Table 4b
Table 4c
(2) attribute evaluation algorithm (Attribute Evaluation Algorithm, abbreviation AEA): as shown in algorithm 2, The algorithm be used to assess User attribute SUserWhether in UACL table corresponding access authority tree T is met.AEA is with UACL, User Property set SUserAs input, while result is exported, if result=1, indicates that user property is legal;Otherwise illegal.
Algorithm 2 defines a series of variables (line 1-5) first, and wherein attr (x) indicates in node x to be the leaf node of T When, the value of attribute corresponding with node x;TxIndicate a stalk tree of T, and using node x as root node;kxIndicate the thresholding of node x Value.For user property collection SUserEach x node (line 6), first determine whether x whether be T leaf node.If node x It is the leaf node of T, if attr (x) ∈ S,Otherwise(line 7-10).If node x is not It is the leaf node (line 11) of T, then the child node x ' of calculate node xIt is worth (line 12).The x ' of accumulative return 1 Number, be stored in num (line 13-15).If kxA x ' return 1, thenOtherwise Finally return to result (line 23).If user property is legal the result is that 1;Otherwise user property is illegal.
Above-mentioned secret division algorithm (SSDA) are as follows:
Above-mentioned attribute evaluation algorithm (AEA) are as follows:
It can be seen from above-described embodiment that the present invention has following two points advantage: (1) amount of storage of DO: participant's The length of sub-secret is not less than the length of its shared secret.Method provided by the invention is by attribute and cipher key associated, and only to close Key carries out privacy sharing.Therefore, opposite that initial data is carried out privacy sharing, the amount of storage of the DO of this scheme is smaller.DO is only Need to store each encryption keyDO can be requested to CSP encrypted data andLagrange is recycled to insert Value function restores clear data.(2) workload of DO: DO only completes the encryption of initial data and close in the initial phase of system The segmentation of key and UACL table is sent to the work of AA.DO is not involved in inquiry phase.This means that DO does not need to complete largely The work for uploading downloading, re-encrypted, does not need to keep always on yet.

Claims (5)

1. a kind of big data sharing method towards cloud storage based on SMC, it is characterised in that: successively the following steps are included:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration;
(2) secret division: secret is divided into three parts by (2,3) threshold secret sharing scheme by DO: WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, DO storageWherein, i.e. κi∈K;1≤i≤n, the key κ of encryption There are n, κiIndicate one of them;
(3) it inquires: User shared data;
Wherein, the detailed process of the step (1) are as follows:
(1-1) DO is uploaded to CSP with Encryption Algorithm encryption data and by ciphertext first, and DO is each key κi∈ K generates one Key ID, corresponding Sub-Key IDs and access authority tree T;
User access control table is sent to believable attribute certification authority AA, user access control table by (1-2) AA initialization, DO In include Key ID and access authority tree T;
(1-3) user's registration allows user UiApplication for registration is sent to CA, CA is each user UiDistribute a unique identity Uidi, CA is to AA sending attribute logging request, and AA is according to the role or identity of user come distributive property collection SiGive user Ui, and Property set is returned into CA, CA generates the Uid comprising user identityiWith property set SiCertificateCA will be demonstrate,proved Book is sent to user U by exit passagewayi
2. the big data sharing method according to claim 1 towards cloud storage based on SMC, it is characterised in that: the step Suddenly in (2), for κi, the secret division of participant's set P={ User, CSP, DO } be divided into the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code;
(2-2) sets t=2, n=3, determines a three-dimensional vector X={ x1,x2,x3, DO is by xiDistribute to pi∈ P, and xiValue It is disclosed;
(2-3) DO is randomly chosen a coefficient a1, then three order polynomial Pi(x) it is respectively defined as P1(x)=a1x1+a0, P2 (x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing;DO is each Sub-Key Generate a Sub-Key ID at random, and establish concordance list, by two of them Sub-Key and Sub-Key ID be randomly assigned to CSP and User, and the Sub Key of User is kept in by AA, concordance list is sent to CSP by DO.
3. the big data sharing method according to claim 1 towards cloud storage based on SMC, it is characterised in that: the step Suddenly in (3) User shared data detailed process are as follows:
(3-1) user User sends inquiry request Query to CSP;
After (3-2) CSP receives request, it is related to the cipher key sets QK of data for Query, will will include κ after search index tablei's The attribute checking request of Key ID and Sub-Key IDs are sent to AA;
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user User, And transmit verification result to CSP;
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDs It is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property;
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII character translation At plaintext value.
4. the big data sharing method according to claim 3 towards cloud storage based on SMC, it is characterised in that: the step Suddenly in (3-3), when AA inquires user access control table verifying user property, judge whether its attribute meets corresponding permission access T is set, each key accesses tree T with permission and is associated in user access control table, and the root node of T is γ;Specific verification step is such as Under:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to, ifThen Tx(γ)=0; If Si∈ S, then Tx(γ)=1;
(3-3-2) if x is not the leaf node of T, first calculate Tx′(Υ), wherein x ' is the child node of x, Tx(Υ) is returned 1 is returned and if only if at least kxA child node returns to 1;
(3-3-3) is if Tx(Υ)=1, then user User is legal;If Tx(Υ)=0, then user User is illegal.
5. the big data sharing method according to claim 3 towards cloud storage based on SMC, it is characterised in that: the step Suddenly in (3-5), User is receivedWithAfterwards, restore key κ if meeting threshold value 2i
Assuming that vector X={ x1,x2,x3, User holds x1, CSP holds x2, DO holds x3, User holds there are two polynomial valueSo according to the following formula available κiSolution are as follows:
CN201610121114.0A 2016-03-03 2016-03-03 A kind of big data sharing method towards cloud storage based on SMC Active CN105721146B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610121114.0A CN105721146B (en) 2016-03-03 2016-03-03 A kind of big data sharing method towards cloud storage based on SMC

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610121114.0A CN105721146B (en) 2016-03-03 2016-03-03 A kind of big data sharing method towards cloud storage based on SMC

Publications (2)

Publication Number Publication Date
CN105721146A CN105721146A (en) 2016-06-29
CN105721146B true CN105721146B (en) 2018-12-21

Family

ID=56157278

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610121114.0A Active CN105721146B (en) 2016-03-03 2016-03-03 A kind of big data sharing method towards cloud storage based on SMC

Country Status (1)

Country Link
CN (1) CN105721146B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106656997B (en) * 2016-11-09 2019-06-18 湖南科技学院 One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption
CN108418677B (en) * 2017-02-09 2021-01-15 杭州海康威视数字技术股份有限公司 Key backup and recovery method and device
CN107086902A (en) * 2017-03-22 2017-08-22 北京理工大学 It is a kind of that tripartite's examination & verification and the cloud storage system of file duplicate removal are supported based on dynamic threshold password
CN112364376A (en) * 2020-11-11 2021-02-12 贵州大学 Attribute agent re-encryption medical data sharing method
CN112860790B (en) * 2021-01-14 2023-05-30 华控清交信息科技(北京)有限公司 Data management method, system and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101569132A (en) * 2006-11-07 2009-10-28 安全第一公司 Systems and methods for distributing and securing data
WO2013131244A1 (en) * 2012-03-06 2013-09-12 Nokia Corporation Methods, apparatuses, and computer-readable storage media for securely accessing social networking data
CN104038349A (en) * 2014-07-03 2014-09-10 西安电子科技大学 Effective and verifiable public key searching encryption method based on KP-ABE
CN105282171A (en) * 2015-11-06 2016-01-27 北京大学深圳研究生院 Safe and reliable distributed cloud storage method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101569132A (en) * 2006-11-07 2009-10-28 安全第一公司 Systems and methods for distributing and securing data
WO2013131244A1 (en) * 2012-03-06 2013-09-12 Nokia Corporation Methods, apparatuses, and computer-readable storage media for securely accessing social networking data
CN104038349A (en) * 2014-07-03 2014-09-10 西安电子科技大学 Effective and verifiable public key searching encryption method based on KP-ABE
CN105282171A (en) * 2015-11-06 2016-01-27 北京大学深圳研究生院 Safe and reliable distributed cloud storage method

Also Published As

Publication number Publication date
CN105721146A (en) 2016-06-29

Similar Documents

Publication Publication Date Title
CN104486315B (en) A kind of revocable key outsourcing decryption method based on contents attribute
CN103731432B (en) Multi-user supported searchable encryption method
Zhao et al. Trusted data sharing over untrusted cloud storage providers
CN108881314B (en) Privacy protection method and system based on CP-ABE ciphertext under fog computing environment
CN104168108B (en) It is a kind of to reveal the traceable attribute base mixed encryption method of key
CN108768951B (en) Data encryption and retrieval method for protecting file privacy in cloud environment
CN105721146B (en) A kind of big data sharing method towards cloud storage based on SMC
CN108111540B (en) Hierarchical access control system and method supporting data sharing in cloud storage
CN104158880B (en) User-end cloud data sharing solution
CN110266687B (en) Method for designing Internet of things security agent data sharing module by adopting block chain technology
CN114039790A (en) Block chain-based fine-grained cloud storage security access control method
CN108632385B (en) Time sequence-based cloud storage privacy protection method for multi-branch tree data index structure
CN113225302B (en) Data sharing system and method based on proxy re-encryption
WO2018165835A1 (en) Cloud ciphertext access control method and system
WO2017061950A1 (en) Data security system and method for operation thereof
CN104993931A (en) Multi-user encrypted search method in cloud storage
CN106612169A (en) Safe data sharing method in cloud environment
CN113992330A (en) Block chain data controlled sharing method and system based on proxy re-encryption
CN108462575A (en) Upload data ciphering method based on no trusted party thresholding Hybrid Encryption
Jassem et al. Enhancement of quantum key distribution protocol for data security in cloud environment
CN114697042A (en) Block chain-based Internet of things security data sharing proxy re-encryption method
CN114430321B (en) DFA self-adaptive security-based black box traceable key attribute encryption method and device
CN116208330A (en) Industrial Internet cloud-edge cooperative data secure transmission method and system based on quantum encryption
Song et al. A group key exchange and secure data sharing based on privacy protection for federated learning in edge‐cloud collaborative computing environment
Verma et al. A hybrid two layer attribute based encryption for privacy preserving in public cloud

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20210318

Address after: 298 Xingye Road, Xinjie street, Yixing City, Wuxi City, Jiangsu Province

Patentee after: JIANGSU ZHUOYI INFORMATION TECHNOLOGY Co.,Ltd.

Address before: No. 302, Xuefu Road, Zhenjiang City, Jiangsu Province, 212000

Patentee before: JIANGSU University