CN105721146B - A kind of big data sharing method towards cloud storage based on SMC - Google Patents
A kind of big data sharing method towards cloud storage based on SMC Download PDFInfo
- Publication number
- CN105721146B CN105721146B CN201610121114.0A CN201610121114A CN105721146B CN 105721146 B CN105721146 B CN 105721146B CN 201610121114 A CN201610121114 A CN 201610121114A CN 105721146 B CN105721146 B CN 105721146B
- Authority
- CN
- China
- Prior art keywords
- user
- key
- csp
- sub
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Abstract
The present invention discloses a kind of big data sharing method towards cloud storage based on SMC, including with the next stage: (1) initializing, which includes encryption and upload, the AA initialization and three processes of user's registration of the complete paired data of DO;(2) secret division, the stage allow DO by key κiIt is divided intoWithIt is taken care of respectively by AA (temporary), DO, CSP;(3) it inquires, system allows User to send inquiry request to CSP, and after AA verifies user property, AA is sentTo User, then CSP send ciphertext data andTo User, last User restores key κiAnd decrypt ciphertext.The present invention can either allow User directly to obtain shared data from the end CSP, and dramatically mitigate DO in the workload of data sharing process;Method can also verify the attribute of User, to ensure that legal User could obtain data.
Description
Technical field
The present invention relates to cloud storage technologies, and in particular to a kind of big data sharing method towards cloud storage based on SMC.
Background technique
With bringing for big data era, explosive growth is being presented in data.For personal or enterprise, deposit
Storage, the limited PC of calculated performance, mobile phone or enterprise's private services device are no longer satisfied demand.People start to select
By big data storage to cloud.
However under cloud environment, data are uploaded to cloud service provider by data owner, in order to guarantee sensitive data
Confidentiality, data owner will be uploaded to again cloud service provider after data encryption.Although encryption can guarantee the secret of data
Property, but the quality of cloud service is reduced to a certain extent.
Data sharing is a very important function in cloud storage.In order to mitigate the workload of data owner, data
Owner allows authorized user directly to download ciphertext data from cloud service provider end, and formulates different solutions for specific user
Close scheme.But data owner is necessary for different users and formulates different decryption schemes, and may leakage during this
The privacy of data owner.
Confidentiality in order to protect data, prevents incredible CSP from peeping and analyzing data, and DO first will be in data encryption again
It is transmitted to CSP.In order to give data sharing to specific user, DO is necessary for each user and formulates special encipherment scheme, then will solution
Close encryption key distribution is to user, but the encryption overhead of DO is very big under this scheme.
A kind of ideal scheme, which is that all data are unified, to be encrypted, but distributes different keys for different user, and each
User can only decrypt the data of his Internet access.Also known as based on encryption attribute (Attribute-Based Encryption, ABE)
Fuzzy Identity based encryption (Fuzzy Identity-Based Encryption), be it is a kind of based on user property plus
Close scheme.ABE is there are two important branch: key strategy based on encryption attribute (Key-Policy Attribute-Based
Encryption, KP-ABE) and Ciphertext policy based on encryption attribute (Ciphertext-Policy Attribute-Based
Encryption, CP-ABE).Either KP-ABE or CP-ABE includes four main process initialization, encryptions, key
It generates and decrypts.In key generation process, ABE requires DO to be directed to the different attribute of user, generates for each user different
Key, therefore, DO must be always maintained at online in entire data sharing process, and the expense of DO is bigger.
It is proxy re-encryption (ProxyRe- that another kind, which can effectively realize the scheme that big data is shared under cloud environment,
Encryption, PRE).We by one simply example introduce her public key PK of PRE:AliceAEncrypt his
Photo, and the CSP not exclusively trusted is uploaded to by safe lane.When she go on business not when, she wants his photo
The public key for sharing to her good friend Bob, Bob is PKB, but Alice is not desired to again by her private key SKAIt is leaked to Bob.PRE permits
Perhaps Alice provides a re-encrypted private key RKA→BTo CSP, CSP can use RKA→BRe-encrypted PKAEncrypted ciphertext, and will
Ciphertext is transformed into the private key SK that can use BobBThe ciphertext of decryption, and confidential data will not be exposed in this process and any had
Close private key SKAAnd SKBAny information.But in PRE, DO needs to generate different re-encrypted private key RK, DO for different users
Communication and computing cost it is larger.
The data of encryption are uploaded to CSP by DO, and the available key ciphertext data of legal user obtains plaintext value.But
General data sharing is all integrally to encrypt data, then shares to User, and this way is easy to expose the privacy of DO.For
Solution this problem, Cheng-Kang Chu et al. provide data-sharing scheme expansible in a kind of cloud storage (below
Abbreviation Key-Aggregate), scheme allows DO to carry out block encryption storage to data.In order to avoid the privacy and volume of exposure DO
The encryption key of multiple piecemeals is aggregated into the aggregation key of a fixed size by outer information, Key-Aggregate scheme, hair
User is given, had not only protected the privacy of DO in this way, but also reduces the communication overhead between DO and User to a certain extent.?
In Key-Aggregate scheme, DO needs to generate different aggregation keys for the different data sharing request of different User, therefore
The communication overhead and calculating cost of DO is all bigger.
Summary of the invention
Goal of the invention: it is an object of the invention to solve the deficiencies in the prior art, one kind is provided towards cloud storage
Big data sharing method based on SMC, method provided by the invention are built upon on encipherment scheme, are held to the key of encryption
Big data secret sharing of the row based on SMC, not only may be implemented privacy sharing, but also can allow DO from the extensive work of data sharing
It is detached from.
Technical solution: a kind of big data sharing method towards cloud storage based on SMC of the present invention, successively include with
Lower step:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration;
(2) secret division: secret is divided into three parts by (2,3) threshold secret sharing scheme by DO:WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, DO storageWherein, i.e. κi∈ K, 1≤i≤n;
(3) it inquires: User shared data.
Further, the detailed process of the step (1) are as follows:
(1-1) DO with existing Encryption Algorithm (such as SDB and protection encryption etc.) encryption data and uploads ciphertext first
To CSP, DO is each key κi∈ K generates Key ID, corresponding Sub-Key IDs and access authority tree T;
User access control table is sent to believable attribute certification authority AA by (1-2) AA initialization, DO, and user accesses control
It include Key ID and access authority tree T in tabulation;
(1-3) user's registration allows user UiApplication for registration is sent to CA, CA is each user UiDistribution one unique
Identity Uidi, CA is to AA sending attribute logging request, and AA is according to the role or identity of user come distributive property collection SiTo user
Ui, and property set is returned into CA, CA generates the Uid comprising user identityiWith property set SiCertificateCA
Certificate is sent to user U by exit passagewayi。
Further, in the step (2), for κi, the secret division point of participant's set P={ User, CSP, DO }
For the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code, and the purpose done so is in order to meet all data types
Data;
(2-2) sets t=2, n=3, determines a three-dimensional vector X={ x1,x2,x3, DO is by xiDistribute to pi∈ P, and xi
Value be disclosed;
(2-3) DO is randomly chosen a coefficient a1, then three order polynomial Pi(x) it is respectively defined as P1(x)=a1x1+
a0, P2(x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing;DO is each
Sub-Key generates a Sub-Key ID at random, and establishes concordance list, and two of them Sub-Key and Sub-Key ID is random
CSP and User are distributed in ground, and the Sub Key of User is kept in by AA, and concordance list is sent to CSP by DO.
Further, in the step (3) User shared data detailed process are as follows:
(3-1) user User sends inquiry request Query to CSP;
After (3-2) CSP receives request, it is related to the cipher key sets QK of data for Query, after search index table, will will include
κiThe attribute checking request of Key ID and Sub-Key IDs be sent to AA;
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user
User, and transmit verification result to CSP;
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDsIt is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property;
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII
Code translates into plaintext value.
Further, in the step (3-3), when AA inquires user access control table verifying user property, judge its category
Property whether meet corresponding permission access tree T, each key accesses tree T with permission and is associated in user access control table, the root of T
Node isSpecific verification step is as follows:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to, ifThenIf Si∈ S, then
(3-3-2) if x is not the leaf node of T, first calculateWherein x ' is the child node of x,
1 is returned and if only if at least kxA child node returns to 1;
(3-3-3) ifSo user User is legal;IfSo user User is illegal.
Further, in the step (3-5), User is receivedWithAfterwards, restore key if meeting threshold value 2
κi;
Assuming that vector X={ x1,x2,x3, x1、x2And x3It is randomly generated, such as x1=20, x2=10, x3=30,
User holds x1, CSP holds x2, DO holds x3, User holds there are two polynomial valueSo according to the following formula available κiSolution are as follows:
The utility model has the advantages that the present invention can either allow User directly to obtain shared data from the end CSP, and dramatically subtract
Workload of the light DO in data sharing process;Method can also verify the attribute of User, can be obtained with ensuring legal User
Access evidence.
Detailed description of the invention
Fig. 1 is the schematic diagram of access authority tree T in embodiment;
Fig. 2 is embodiment system architecture diagram;
Fig. 3 is initialization and the secret division phase flow figure of embodiment, wherein step 1-6 is initial phase, step
7-9 is the secret division stage;
Fig. 4 is inquiry phase architecture diagram in embodiment;
Fig. 5 is the flow chart of inquiry phase in embodiment.
Specific embodiment
Technical solution of the present invention is described in detail below, but protection scope of the present invention is not limited to the implementation
Example.
Big data sharing method towards cloud storage based on SMC of the invention includes following three phases:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration.
As shown in figure 3, ciphertext with existing Encryption Algorithm encryption data and is uploaded to CSP first by (1-1) DO.DO is every
A key κi∈ K generates Key ID, corresponding Sub-Key IDs and access authority tree T.
(1-2) AA initialization.User access control table (UACL) is sent to believable attribute certification authority AA, UACL by DO
It is shown in Table 1, UACL contains Key ID and access authority tree T;Wherein, access authority tree T defines the access structure of key.
Assuming that key κiAccess authority tree TiAs shown in Figure 1, so user UiAttribute SiIt must satisfy Si={ A } or Si=B, C,
D } or Si={ E, F }, could restore κiValue.
(1-3) user's registration.System allows user UiApplication for registration is sent to CA, CA is each user UiDistribution one is only
One identity Uidi, CA issues attribute logging request to AA, and AA is according to the role of user
Or identity carrys out distributive property collection SiGive user Ui, and property set is returned into CA, CA is generated comprising user identity
UidiWith property set SiCertificateCertificate is sent to user U by exit passageway by CAi。
(2) secret division: DO passes through (2,3) threshold secret sharing scheme for secret (i.e. κi∈ K) it is divided into three parts:WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, oneself storageFor κi, ginseng
Be divided into the secret division of person's set P={ User, CSP, DO } the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code (the translater coding in Fig. 2).The purpose done so is
Meet the data of all data types.
(2-2) sets us and sets t=2, n=3.Determine a three-dimensional vector X={ x1,x2,x3}.DO is by xiDistribute to pi∈
P, and xiValue be disclosed.
(2-3) DO is randomly chosen a coefficient a1.So three order polynomial Pi(x) P can be defined as1(x)=
a1x1+a0, P2(x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing.DO is every
A Sub-Key generates a Sub-Key ID at random, and establishes concordance list (2) IndexTable is shown in Table, by two of them Sub-
Key and Sub-Key ID is randomly assigned to CSP and User (the Sub Key of User is kept in by AA).Concordance list is sent to by DO
CSP。
(3) it inquires: the process of User shared data (see Fig. 4).Inquiry phase is divided into following five steps:
(3-1) user User sends inquiry request Query to CSP.
After (3-2) CSP receives request, first analyzes Query and be related to the cipher key sets QK of data, search index table
It (IndexTable) will include κ afteriThe attribute checking request of Key ID and Sub-Key IDs be sent to AA.
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user
User, and CSP is transmitted verification result to, when AA inquires UACL table verifying user property, judge whether its attribute meets correspondence
Permission access tree T.Each key accesses tree T with permission and is associated in UACL, and the root node of T isSpecific verification process
It is as follows:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to.IfThenIf Si∈ S, then
(3-3-2) if x is not the leaf node of T, first calculateWherein x ' is the child node of x,
1 is returned and if only if at least kxA child node returns to 1.
(3-3-3) ifSo user User is legal;IfSo user User is illegal.
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDsIt is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property.
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII
Code translates into plaintext value (the translater decoding in Fig. 2).The flow chart of inquiry phase is as shown in Figure 5.The process of User decryption is such as
Under:
User is received with after, is met threshold value 2, can be restored key κi.Assuming that vector X={ x1=20, x2
=10, x3=30 }, User holds x1, CSP holds x2, DO holds x3.User is held there are two polynomial valueSo according to the following formula available κiSolution are as follows:
The present invention for method secret division and inquiry phase attribute evaluation, additionally provide secret division (SSDA) and
Two algorithms of attribute evaluation (AEA).
(1) secret division algorithm (Secret Share Distribution Algorithm, abbreviation SSDA): such as algorithm 1
Shown, the algorithm is using set K as input.Algorithm is by each key κ in set KiIt is divided into 3 Sub-Key:
Algorithm 1 sets the entity number of privacy sharing as 3 first, and the threshold value of secret reconstruction is 2 (line 1-2), then
Define a series of variables (line 3-6).Algorithm 1 is each key κi∈ K generates Key ID and Sub-Key an IDs
(line 7-11).Then an x is distributed for participant User, CSP and DOi(line 12-14) constitutes a three-dimensional vector
X←{x1,x2,x3}(line 15).For each xjEach key κ of ∈ Xi∈ K, algorithm 1 generate a multinomial, and multinomial
Formula coefficient is randomly selected (line 16-21).Finally by sub-key corresponding addition set (line 22-26), and will
As a result AA and CSP (line27-28) are sent to.Setting hypothesis, there are a cipher key sets K={ κ1,κ2,κ3,κ4,κ5(table
3), after the secret division stage, sub-secret (table 4a, 4b, 4c) is obtained, is held respectively by User, CSP and DO.
Table 3
Table 4a
Table 4b
Table 4c
(2) attribute evaluation algorithm (Attribute Evaluation Algorithm, abbreviation AEA): as shown in algorithm 2,
The algorithm be used to assess User attribute SUserWhether in UACL table corresponding access authority tree T is met.AEA is with UACL, User
Property set SUserAs input, while result is exported, if result=1, indicates that user property is legal;Otherwise illegal.
Algorithm 2 defines a series of variables (line 1-5) first, and wherein attr (x) indicates in node x to be the leaf node of T
When, the value of attribute corresponding with node x;TxIndicate a stalk tree of T, and using node x as root node;kxIndicate the thresholding of node x
Value.For user property collection SUserEach x node (line 6), first determine whether x whether be T leaf node.If node x
It is the leaf node of T, if attr (x) ∈ S,Otherwise(line 7-10).If node x is not
It is the leaf node (line 11) of T, then the child node x ' of calculate node xIt is worth (line 12).The x ' of accumulative return 1
Number, be stored in num (line 13-15).If kxA x ' return 1, thenOtherwise
Finally return to result (line 23).If user property is legal the result is that 1;Otherwise user property is illegal.
Above-mentioned secret division algorithm (SSDA) are as follows:
Above-mentioned attribute evaluation algorithm (AEA) are as follows:
It can be seen from above-described embodiment that the present invention has following two points advantage: (1) amount of storage of DO: participant's
The length of sub-secret is not less than the length of its shared secret.Method provided by the invention is by attribute and cipher key associated, and only to close
Key carries out privacy sharing.Therefore, opposite that initial data is carried out privacy sharing, the amount of storage of the DO of this scheme is smaller.DO is only
Need to store each encryption keyDO can be requested to CSP encrypted data andLagrange is recycled to insert
Value function restores clear data.(2) workload of DO: DO only completes the encryption of initial data and close in the initial phase of system
The segmentation of key and UACL table is sent to the work of AA.DO is not involved in inquiry phase.This means that DO does not need to complete largely
The work for uploading downloading, re-encrypted, does not need to keep always on yet.
Claims (5)
1. a kind of big data sharing method towards cloud storage based on SMC, it is characterised in that: successively the following steps are included:
(1) initialize: the encryption and upload of the complete paired data of DO, AA is initialized and user's registration;
(2) secret division: secret is divided into three parts by (2,3) threshold secret sharing scheme by DO: WithWhereinBe sent to AA temporarily and be save,It is sent to CSP, DO storageWherein, i.e. κi∈K;1≤i≤n, the key κ of encryption
There are n, κiIndicate one of them;
(3) it inquires: User shared data;
Wherein, the detailed process of the step (1) are as follows:
(1-1) DO is uploaded to CSP with Encryption Algorithm encryption data and by ciphertext first, and DO is each key κi∈ K generates one
Key ID, corresponding Sub-Key IDs and access authority tree T;
User access control table is sent to believable attribute certification authority AA, user access control table by (1-2) AA initialization, DO
In include Key ID and access authority tree T;
(1-3) user's registration allows user UiApplication for registration is sent to CA, CA is each user UiDistribute a unique identity
Uidi, CA is to AA sending attribute logging request, and AA is according to the role or identity of user come distributive property collection SiGive user Ui, and
Property set is returned into CA, CA generates the Uid comprising user identityiWith property set SiCertificateCA will be demonstrate,proved
Book is sent to user U by exit passagewayi。
2. the big data sharing method according to claim 1 towards cloud storage based on SMC, it is characterised in that: the step
Suddenly in (2), for κi, the secret division of participant's set P={ User, CSP, DO } be divided into the following three steps:
(2-1) DO is by all key κi∈ K is encoded into ACSII code;
(2-2) sets t=2, n=3, determines a three-dimensional vector X={ x1,x2,x3, DO is by xiDistribute to pi∈ P, and xiValue
It is disclosed;
(2-3) DO is randomly chosen a coefficient a1, then three order polynomial Pi(x) it is respectively defined as P1(x)=a1x1+a0, P2
(x)=a1x2+a0, P3(x)=a1x3+a0, polynomial value is the sub-secret Sub-Key after dividing;DO is each Sub-Key
Generate a Sub-Key ID at random, and establish concordance list, by two of them Sub-Key and Sub-Key ID be randomly assigned to
CSP and User, and the Sub Key of User is kept in by AA, concordance list is sent to CSP by DO.
3. the big data sharing method according to claim 1 towards cloud storage based on SMC, it is characterised in that: the step
Suddenly in (3) User shared data detailed process are as follows:
(3-1) user User sends inquiry request Query to CSP;
After (3-2) CSP receives request, it is related to the cipher key sets QK of data for Query, will will include κ after search index tablei's
The attribute checking request of Key ID and Sub-Key IDs are sent to AA;
(3-3) AA inquires UACL table and verifies user property, if user property is legal, AA willIt is sent to user User,
And transmit verification result to CSP;
(3-4) if what CSP received is that attribute is verified, CSP is corresponding by ciphertext data and Sub-Key IDs
It is sent to User;If what is received is not pass through, it is illegal that CSP returns to user property;
(3-5) User is receivedWithκ is calculated using Lagrange interpolating function afterwardsi, User is by κiASCII character translation
At plaintext value.
4. the big data sharing method according to claim 3 towards cloud storage based on SMC, it is characterised in that: the step
Suddenly in (3-3), when AA inquires user access control table verifying user property, judge whether its attribute meets corresponding permission access
T is set, each key accesses tree T with permission and is associated in user access control table, and the root node of T is γ;Specific verification step is such as
Under:
(3-3-1) judges S if x is the leaf node of TiWhether property set S is belonged to, ifThen Tx(γ)=0;
If Si∈ S, then Tx(γ)=1;
(3-3-2) if x is not the leaf node of T, first calculate Tx′(Υ), wherein x ' is the child node of x, Tx(Υ) is returned
1 is returned and if only if at least kxA child node returns to 1;
(3-3-3) is if Tx(Υ)=1, then user User is legal;If Tx(Υ)=0, then user User is illegal.
5. the big data sharing method according to claim 3 towards cloud storage based on SMC, it is characterised in that: the step
Suddenly in (3-5), User is receivedWithAfterwards, restore key κ if meeting threshold value 2i;
Assuming that vector X={ x1,x2,x3, User holds x1, CSP holds x2, DO holds x3, User holds there are two polynomial valueSo according to the following formula available κiSolution are as follows:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610121114.0A CN105721146B (en) | 2016-03-03 | 2016-03-03 | A kind of big data sharing method towards cloud storage based on SMC |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610121114.0A CN105721146B (en) | 2016-03-03 | 2016-03-03 | A kind of big data sharing method towards cloud storage based on SMC |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105721146A CN105721146A (en) | 2016-06-29 |
CN105721146B true CN105721146B (en) | 2018-12-21 |
Family
ID=56157278
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610121114.0A Active CN105721146B (en) | 2016-03-03 | 2016-03-03 | A kind of big data sharing method towards cloud storage based on SMC |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105721146B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106656997B (en) * | 2016-11-09 | 2019-06-18 | 湖南科技学院 | One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption |
CN108418677B (en) * | 2017-02-09 | 2021-01-15 | 杭州海康威视数字技术股份有限公司 | Key backup and recovery method and device |
CN107086902A (en) * | 2017-03-22 | 2017-08-22 | 北京理工大学 | It is a kind of that tripartite's examination & verification and the cloud storage system of file duplicate removal are supported based on dynamic threshold password |
CN112364376A (en) * | 2020-11-11 | 2021-02-12 | 贵州大学 | Attribute agent re-encryption medical data sharing method |
CN112860790B (en) * | 2021-01-14 | 2023-05-30 | 华控清交信息科技(北京)有限公司 | Data management method, system and device |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101569132A (en) * | 2006-11-07 | 2009-10-28 | 安全第一公司 | Systems and methods for distributing and securing data |
WO2013131244A1 (en) * | 2012-03-06 | 2013-09-12 | Nokia Corporation | Methods, apparatuses, and computer-readable storage media for securely accessing social networking data |
CN104038349A (en) * | 2014-07-03 | 2014-09-10 | 西安电子科技大学 | Effective and verifiable public key searching encryption method based on KP-ABE |
CN105282171A (en) * | 2015-11-06 | 2016-01-27 | 北京大学深圳研究生院 | Safe and reliable distributed cloud storage method |
-
2016
- 2016-03-03 CN CN201610121114.0A patent/CN105721146B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101569132A (en) * | 2006-11-07 | 2009-10-28 | 安全第一公司 | Systems and methods for distributing and securing data |
WO2013131244A1 (en) * | 2012-03-06 | 2013-09-12 | Nokia Corporation | Methods, apparatuses, and computer-readable storage media for securely accessing social networking data |
CN104038349A (en) * | 2014-07-03 | 2014-09-10 | 西安电子科技大学 | Effective and verifiable public key searching encryption method based on KP-ABE |
CN105282171A (en) * | 2015-11-06 | 2016-01-27 | 北京大学深圳研究生院 | Safe and reliable distributed cloud storage method |
Also Published As
Publication number | Publication date |
---|---|
CN105721146A (en) | 2016-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104486315B (en) | A kind of revocable key outsourcing decryption method based on contents attribute | |
CN103731432B (en) | Multi-user supported searchable encryption method | |
Zhao et al. | Trusted data sharing over untrusted cloud storage providers | |
CN108881314B (en) | Privacy protection method and system based on CP-ABE ciphertext under fog computing environment | |
CN104168108B (en) | It is a kind of to reveal the traceable attribute base mixed encryption method of key | |
CN108768951B (en) | Data encryption and retrieval method for protecting file privacy in cloud environment | |
CN105721146B (en) | A kind of big data sharing method towards cloud storage based on SMC | |
CN108111540B (en) | Hierarchical access control system and method supporting data sharing in cloud storage | |
CN104158880B (en) | User-end cloud data sharing solution | |
CN110266687B (en) | Method for designing Internet of things security agent data sharing module by adopting block chain technology | |
CN114039790A (en) | Block chain-based fine-grained cloud storage security access control method | |
CN108632385B (en) | Time sequence-based cloud storage privacy protection method for multi-branch tree data index structure | |
CN113225302B (en) | Data sharing system and method based on proxy re-encryption | |
WO2018165835A1 (en) | Cloud ciphertext access control method and system | |
WO2017061950A1 (en) | Data security system and method for operation thereof | |
CN104993931A (en) | Multi-user encrypted search method in cloud storage | |
CN106612169A (en) | Safe data sharing method in cloud environment | |
CN113992330A (en) | Block chain data controlled sharing method and system based on proxy re-encryption | |
CN108462575A (en) | Upload data ciphering method based on no trusted party thresholding Hybrid Encryption | |
Jassem et al. | Enhancement of quantum key distribution protocol for data security in cloud environment | |
CN114697042A (en) | Block chain-based Internet of things security data sharing proxy re-encryption method | |
CN114430321B (en) | DFA self-adaptive security-based black box traceable key attribute encryption method and device | |
CN116208330A (en) | Industrial Internet cloud-edge cooperative data secure transmission method and system based on quantum encryption | |
Song et al. | A group key exchange and secure data sharing based on privacy protection for federated learning in edge‐cloud collaborative computing environment | |
Verma et al. | A hybrid two layer attribute based encryption for privacy preserving in public cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210318 Address after: 298 Xingye Road, Xinjie street, Yixing City, Wuxi City, Jiangsu Province Patentee after: JIANGSU ZHUOYI INFORMATION TECHNOLOGY Co.,Ltd. Address before: No. 302, Xuefu Road, Zhenjiang City, Jiangsu Province, 212000 Patentee before: JIANGSU University |