CN107329911B - Cache replacement method based on CP-ABE attribute access mechanism - Google Patents
Cache replacement method based on CP-ABE attribute access mechanism Download PDFInfo
- Publication number
- CN107329911B CN107329911B CN201710535708.0A CN201710535708A CN107329911B CN 107329911 B CN107329911 B CN 107329911B CN 201710535708 A CN201710535708 A CN 201710535708A CN 107329911 B CN107329911 B CN 107329911B
- Authority
- CN
- China
- Prior art keywords
- attribute
- file
- cache
- value
- values
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/02—Addressing or allocation; Relocation
- G06F12/08—Addressing or allocation; Relocation in hierarchically structured memory systems, e.g. virtual memory systems
- G06F12/12—Replacement control
- G06F12/121—Replacement control using replacement algorithms
Abstract
The invention discloses a cache replacement algorithm based on a CP-ABE attribute access mechanism, which is characterized by firstly analyzing an access strategy of cloud storage data based on CP-ABE encryption, and aiming at the CP-ABE encrypted data, providing an effective cache replacement algorithm, namely a minimum attribute value algorithm (MAV for short), combining an encrypted file access strategy, counting high-frequency attribute values, combining attribute similarity and file SIZE, calculating file attribute value, and replacing a cache file with the minimum file attribute value.
Description
Technical Field
The invention relates to the field of computer cache replacement methods, in particular to a cache replacement method based on a CP-ABE attribute access mechanism, which is applied to the cloud storage cache replacement of data encrypted based on CP-ABE.
Background
With the rapid development of telecom operation business, the data volume managed by a business system of the telecom operation business is larger and larger, and in the face of increasing big data of a power grid, a new generation information technology represented by the internet of things and cloud computing is widely applied to the power industry gradually. The power department terminal dynamically monitors the power infrastructure and acquires data, how to efficiently and safely protect the data and transmit the data to the cloud platform is an important problem for protecting the big power data. The method for solving the safety problem of the large data of the power grid under the unsafe cloud platform is an effective method for utilizing an encryption technology to encrypt the large data of the power grid and then storing the large data in the cloud.
The cloud storage caching technology is used for shortening the distance between an object and an application, and is an important means for improving the application performance of a cloud platform. The core of the cloud storage cache is a replacement strategy of cache contents. Cache replacement refers to a process of replacing an old object with a new object when a cache is full, a cache replacement algorithm is an important factor influencing cache performance, and a good cache replacement algorithm can generate a high cache hit rate, so that the cache performance is improved.
At present, the cache replacement strategies commonly used in the cloud storage cache strategies are mainly the following:
(1) l RU algorithm, which replaces the least recently used element object from the cache to ensure that the current remaining space can accommodate the new element object, is easy to implement, but fails to consider the problems of delay time, access frequency, object size, etc., and the hit rate of the system is low.
(2) L FU algorithm, which replaces the element object with the least number of accesses out of the cache, though the algorithm is simple to implement, the factors such as access time interval, object size and the like are not considered, and the algorithm has no application value to the 'hot spot' data scene.
(3) The SIZE algorithm replaces the largest element object out of the cache. Because the algorithm only considers the size of the object, the realization is easy, but the elements which are cleaned out of the cache are put into the cache, and the hit rate is low.
(4) L UV algorithm, which saves the access history of the object, and replaces the least expensive object in the cache by designing a cost function to estimate the probability of the object being accessed again according to the access times and the access elapsed time.
(5) The MIX algorithm optimizes parameter configuration by considering a plurality of attributes such as element object size, access frequency, access time difference and the like, but the parameter optimization scheme is complex to realize.
In the face of an unsafe cloud storage environment, different encryption technologies are used for encrypting data, and the data are stored in the cloud end, so that a better solution is provided. However, the currently proposed cache replacement algorithm aims at plaintext data, and no cache replacement strategy is provided for encrypted data.
Disclosure of Invention
The invention aims to design a cache replacement method for CP-ABE encrypted data, which can be used for counting the attribute values of encrypted files, calculating the value of the attribute values of the files and replacing the files with the minimum attribute value by utilizing an access strategy of the files encrypted based on a CP-ABE algorithm. The method well solves the problem of the replacement of the cloud storage cache of the file encrypted based on the CP-ABE.
The purpose of the invention is realized as follows:
a cache replacement method based on a CP-ABE attribute access mechanism comprises the following specific steps:
(1) establishing an attribute table T in combination with an access strategy of the encrypted file, and counting attribute value information;
(2) according to the table T, calculating the attribute similarity of the encrypted file by using the text similarity in data mining;
(3) and calculating the attribute value of the file according to the attribute similarity and the file size, and replacing the cache file with the minimum file attribute value.
The specific steps of establishing the attribute table T are as follows:
(1) let attribute table T, capacity C, A ═ a1,a2,...,aqThe attribute set in the table T is divided into three columns, which are respectively recorded as: sequence number, attribute value and attribute value number;
(2) arranging the attribute values in the table T according to the accessed time of the file containing the attribute values and the principle that the most recently used attribute values are arranged at the top;
(3) when a file in the cache is replaced, the number of the attribute values of the replaced file in the table T is reduced, and when the number of certain attributes is reduced to 0, the attribute values are deleted from the table T; when a new file is replaced in the cache, the number of attribute values of the new file is increased in the table T, and the arrangement sequence of attributes in the table T is changed according to the new access time.
The method for calculating the attribute similarity of the encrypted file by using the text similarity in data mining comprises the following specific calculation formula:
wherein the content of the first and second substances,is an attribute frequency vector, xi,yiThe attribute weight is regarded as the key word, the number of the attribute values is used as the weight of the attribute, thereby obtaining the attribute frequency vectorThe attribute value in the access strategy of the encrypted file is regarded as a keyword, the number of the attribute values is calculated and used as the weight of the attribute, and another attribute frequency vector is obtained
The attribute value of the file is calculated according to the attribute similarity and the file size, and the specific calculation formula is as follows:
wherein, FAViFor the value of the attribute value of the file, SizeiRepresents the size of the file Fi; in the process of cache replacement, the attribute value values of the files in the cache and the new files to be replaced are respectively calculated to replace FAViThe file with the smallest value.
The invention utilizes the access strategy of the CP-ABE encryption algorithm, the file encrypted based on the CP-ABE has a corresponding access strategy, the access strategy is embodied in the form of an access structure tree, the access structure tree is composed of connecting words and attribute values of the file, leaf nodes of the access structure tree represent the attribute values of the encrypted file, and other nodes are the connecting words.
The invention establishes an attribute value table according to the access strategy of the encrypted file, and is used for storing and counting the attribute values of the accessed encrypted file. Let the capacity of the attribute storage table be C, A ═ a1,a2,...,aqThe attribute is set in table T, and attribute statistics table T is divided into three columns, which are respectively recorded: sequence number, attribute value and number of attribute values. The arrangement order of the attribute values in the table T is arranged according to the accessed time of the file containing the attribute value and the principle that the most recently used attribute value is arranged at the top. When a file in the cache is replaced, the corresponding number of the attribute values of the replaced file in the table T is reduced, and when the number of certain attributes is reduced to 0, the attribute values are deleted from the table T; when a new file is replaced in the cache, the number of attribute values of the new file is correspondingly increased in the table T, and the arrangement sequence of the attributes in the table T is changed correspondingly according to the new access time.
After the attribute table is established, the attribute similarity of the encrypted file is calculated by utilizing the concept of the text similarity commonly used in data mining. And meanwhile, considering the size factor of the cache file, calculating the value of the attribute value (FAV) of the file, and taking the value of the attribute value as the standard for replacing the file in the cache. In the attribute table T, the table T is regarded as a text, the attribute values in the table T are regarded as keywords, and the number of the attribute values is used as the weight of the attribute, so that the attribute frequency vector is obtainedSimilarly, a single encrypted file is regarded as a text, the attribute values in the access strategy of the encrypted file are regarded as keywords, the number of the attribute values is calculated and used as the weight of the attribute, and another attribute frequency vector is obtainedCalculating the attribute similarity according to a cosine similarity formula, and calculating the attribute value FAV of the file by combining the size factor of the filei,SizeiPresentation document FiSize of (D), value of attribute value FAViThe calculation formula of (2) is as follows:
in the process of cache replacement, the attribute value values of the files in the cache and the new files to be replaced are respectively calculated to replace FAViThe file with the smallest value.
The invention has the beneficial effects that:
the invention provides a cache replacement method of data based on CP-ABE encryption, MAV, the method is a low-cost, high-performance and adaptive method, it combines the special access strategy of the file based on CP-ABE encryption, through the attribute value in the access strategy of the statistics encryption file, establish the attribute value statistical table, calculate the attribute weight, utilize the cosine similarity algorithm in the method of calculating text similarity, calculate the attribute value similarity of the encryption file, consider the SIZE factor of the file at the same time, calculate the attribute value of the file in the cache, replace the file with the minimum attribute value.
The invention fully considers the characteristics of the file encrypted based on the CP-ABE, combines the access strategy of the encrypted file, simultaneously considers the access time interval and the access frequency of the file, establishes the attribute value statistical table, and applies the method for calculating the text similarity to the cache replacement method, so that the method simultaneously considers the access time, the access frequency, the attribute similarity and the file size of the file, is favorable for better predicting the cache file, and is favorable for leading the method to be superior to other methods in the aspects of the file hit rate and the byte hit rate.
Drawings
FIG. 1 is a schematic diagram of a CP-ABE algorithm access policy tree in the present invention;
FIG. 2 is a schematic diagram of an attribute value statistical table according to the present invention;
FIG. 3 is a diagram illustrating a statistical table of changed attribute values according to the present invention;
FIG. 4 is a graph showing the comparison of the file hit rate of the present invention with other algorithms;
FIG. 5 is a diagram showing the comparison of the byte hit rate of the present invention with other algorithms;
FIG. 6 is a flow chart of a method of the present invention;
Detailed Description
The method of the present invention is described in detail below with reference to the accompanying drawings.
In the CP-ABE attribute policy, a user key is associated with a set of attributes. When uploading a file, before encrypting the file, a corresponding access policy is designed, the access policy is established as an access structure tree, leaf nodes of the tree are all corresponding attributes, and the access policy tree is shown in fig. 1. When in decryption, the user firstly uploads the attribute of the user, the system compares the attribute value of the user to be decrypted with the attribute value in the access strategy, and a corresponding private key can be formed when the requirement is met, so that the file can be decrypted; otherwise, the access request of the user is directly rejected. From the access control of the CP-ABE attributes, it can be seen that the files encrypted based on the CP-ABE all contain an access policy, and the attributes of the encrypted files are closely related to the access policy. The attribute matching process is also needed when the encrypted file is accessed, so for the file data encrypted based on the CP-ABE, a cache replacement method based on the attribute access policy can be proposed by starting from the access policy of the file.
The MAV algorithm provided by the invention is used for counting the attribute values in the access strategy of the cache file. Establishing an attribute table T with the capacity of C, A ═ a1,a2,...,aqThe attribute is set in table T, and attribute statistics table T is divided into three columns, which are respectively recorded: sequence number, attribute value and number of attribute values. The arrangement order of the attribute values in the table T is arranged according to the accessed time of the file containing the attribute value and the principle that the most recently used attribute value is arranged at the top. When a file in the cache is replaced, the corresponding number of the attribute values of the replaced file in the table T is reduced, and when the number of certain attributes is reduced to 0, the attribute values are deleted from the table T; when a new file is replaced in the cache, the number of attribute values of the new file is correspondingly increased in the table T, and the arrangement sequence of the attributes in the table T is correspondingly carried out according to the new access timeA change in position. Suppose that A, B, C, D, E files exist in the cache at present, the access sequence is B, D, A, C, E, and the attribute values in the access strategies of the 5 files are respectively A, Huashida, software college, embedded type and student; b, Master of China, software college, embedded type, teacher; c, Master Hua, software college, cryptography and students; d, Master Hua, education college, preschool education, student; e: huashida, sports college, aerobics exercises and students. The statistical table of the attribute values of the above five files is shown in fig. 2 according to the number of access times of the attribute values and the access frequency of the attribute values. The arrangement order of the attribute values in the table T is arranged according to the accessed time of the file containing the attribute value and the principle that the most recently used attribute value is arranged at the top, and the changed attribute value statistical table is shown in fig. 3.
In the method, the concept of 'text similarity' commonly used in data mining is used for reference, the 'attribute similarity' of the encrypted file is calculated, the size factor of the cache file is considered, the File Attribute Value (FAV) is calculated, and the attribute value is used as the standard for replacing the file in the cache. The attribute similarity of the encrypted file is calculated by adopting a cosine similarity method, the cosine similarity uses the cosine value of the included angle of two vectors in a vector space as the size for measuring the difference between two individuals, and the closer the cosine value is to 1, the closer the included angle is to 0 degree, namely the more similar the two vectors are.
In the attribute table T, the table T is regarded as a text, the attribute values in the table T are regarded as keywords, and the number of the attribute values is used as the weight of the attribute, so that the attribute frequency vector is obtainedWherein each component corresponds to an attribute a in the attribute table TiComponent value xiIs attribute aiThe number of (2); similarly, a single encrypted file is regarded as a text, the attribute values in the access strategy of the encrypted file are regarded as keywords, the number of the attribute values is calculated and used as the weight of the attribute, and another attribute frequency vector is obtainedWherein each component corresponds to an attribute value p in the file access policyiComponent value yiAlso attribute piThe number of (2). Here, a vector is requiredSum vectorWhere n is m, but in table T the attribute set a is a1,a2,...,aqAnd attribute set P ═ P of a single file1,p2,...,pkIn ≠ k and q>>k. For similarity calculation, m is made k, and n is sequentially assigned from the number 1 to q in the table T according to the size of m. According to the cosine similarity calculation formula,andthe attribute similarity calculation formula of (2) is as follows:
according to the property of cosine similarity, the closer the calculated attribute similarity is to 1, the closer the included angle is to 0 degree, namely the more similar the two texts are. Taking file A as an example, the vector is obtained from table TDeriving vectors from File AComputingAndgenus ofThe similarity is:
let FAViFor the value of the attribute value of the file, the initial value is set to 0, and P ═ P1,p2,...,pkIs a cache file FiSet of attribute values of, SizeiPresentation document FiThe FAV is obtained by combining the traditional strategy of SIZE algorithmiThe calculation formula of (a) is as follows:
in the process of cache replacement, the attribute value values of the files in the cache and the new files to be replaced are respectively calculated to replace FAViThe file with the smallest value.
The experimental comparison results of the present invention with other cache replacement algorithms are shown in fig. 4 and 5, it can be seen from fig. 4 and 5 that the hit rate and byte hit rate of the encrypted file of the MAV algorithm proposed herein are higher than those of the L RU algorithm and the SIZE algorithm, and slightly lower than those of the L FU algorithm when the cache SIZE is less than 20%, and the hit rate of the encrypted file of the MAV algorithm is higher than those of the other three algorithms when the cache SIZE is greater than 20%.
Claims (1)
1. A cache replacement method based on a CP-ABE attribute access mechanism is characterized by comprising the following specific steps:
(1) establishing an attribute table T in combination with an access strategy of the encrypted file, and counting attribute value information;
(2) according to the table T, calculating the attribute similarity of the encrypted file by using the text similarity in data mining;
(3) calculating the attribute value of the file according to the attribute similarity and the file size, and replacing the cache file with the minimum file attribute value; wherein:
the establishing of the attribute table T specifically includes:
(1) set attribute tableT, capacity C, A ═ a1,a2,...,aqThe attribute set in the table T is divided into three columns, which are respectively recorded as: sequence number, attribute value and attribute value number;
(2) arranging the attribute values in the table T according to the accessed time of the file containing the attribute values and the principle that the most recently used attribute values are arranged at the top;
(3) when a file in the cache is replaced, the number of the attribute values of the replaced file in the table T is reduced, and when the number of certain attributes is reduced to 0, the attribute values are deleted from the table T; when a new file is replaced in the cache, the number of attribute values of the new file is increased in the table T, and the arrangement sequence of attributes in the table T is changed according to new access time;
the method for calculating the attribute similarity of the encrypted file by using the text similarity in data mining comprises the following specific calculation formula:
wherein the content of the first and second substances,is an attribute frequency vector, xi,yiThe attribute weight is regarded as the key word, the number of the attribute values is used as the weight of the attribute, thereby obtaining the attribute frequency vectorThe attribute value in the access strategy of the encrypted file is regarded as a keyword, the number of the attribute values is calculated and used as the weight of the attribute, and another attribute frequency vector is obtainedThe attribute value of the file is calculated according to the attribute similarity and the file size, and the specific calculation formula is as follows:
wherein, FAViFor the value of the attribute value of the file, SizeiPresentation document FiThe size of (d); in the process of cache replacement, the attribute value values of the files in the cache and the new files to be replaced are respectively calculated to replace FAViThe file with the smallest value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710535708.0A CN107329911B (en) | 2017-07-04 | 2017-07-04 | Cache replacement method based on CP-ABE attribute access mechanism |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710535708.0A CN107329911B (en) | 2017-07-04 | 2017-07-04 | Cache replacement method based on CP-ABE attribute access mechanism |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107329911A CN107329911A (en) | 2017-11-07 |
CN107329911B true CN107329911B (en) | 2020-07-28 |
Family
ID=60198079
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710535708.0A Active CN107329911B (en) | 2017-07-04 | 2017-07-04 | Cache replacement method based on CP-ABE attribute access mechanism |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107329911B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110008190B (en) * | 2019-03-21 | 2020-11-17 | 武汉理工大学 | Periodic small file cache replacement method |
CN110363015A (en) * | 2019-07-10 | 2019-10-22 | 华东师范大学 | A kind of construction method of the markov Prefetching Model based on user property classification |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5481691A (en) * | 1991-04-22 | 1996-01-02 | International Business Machines Corporation | Cache page replacement using sequential LIFO and non-sequential LRU cast out |
CN1485744A (en) * | 2002-08-13 | 2004-03-31 | �Ҵ���˾ | Data processing device and electronic equipment |
CN101395586A (en) * | 2006-03-02 | 2009-03-25 | Nxp股份有限公司 | Method and apparatus for dynamic resizing of cache partitions based on the execution phase of tasks |
CN101630291A (en) * | 2009-08-03 | 2010-01-20 | 中国科学院计算技术研究所 | Virtual memory system and method thereof |
CN103593476A (en) * | 2013-11-28 | 2014-02-19 | 中国科学院信息工程研究所 | Multi-keyword plaintext and ciphertext retrieving method and device oriented to cloud storage |
CN104025059A (en) * | 2011-10-31 | 2014-09-03 | 国际商业机器公司 | Method and system for selective space reclamation of data storage memory employing heat and relocation metrics |
CN105530303A (en) * | 2015-12-15 | 2016-04-27 | 南京信息工程大学 | Linear network cache substitution method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8972407B2 (en) * | 2007-05-30 | 2015-03-03 | International Business Machines Corporation | Information processing method for determining weight of each feature in subjective hierarchical clustering |
-
2017
- 2017-07-04 CN CN201710535708.0A patent/CN107329911B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5481691A (en) * | 1991-04-22 | 1996-01-02 | International Business Machines Corporation | Cache page replacement using sequential LIFO and non-sequential LRU cast out |
CN1485744A (en) * | 2002-08-13 | 2004-03-31 | �Ҵ���˾ | Data processing device and electronic equipment |
CN101395586A (en) * | 2006-03-02 | 2009-03-25 | Nxp股份有限公司 | Method and apparatus for dynamic resizing of cache partitions based on the execution phase of tasks |
CN101630291A (en) * | 2009-08-03 | 2010-01-20 | 中国科学院计算技术研究所 | Virtual memory system and method thereof |
CN104025059A (en) * | 2011-10-31 | 2014-09-03 | 国际商业机器公司 | Method and system for selective space reclamation of data storage memory employing heat and relocation metrics |
CN103593476A (en) * | 2013-11-28 | 2014-02-19 | 中国科学院信息工程研究所 | Multi-keyword plaintext and ciphertext retrieving method and device oriented to cloud storage |
CN105530303A (en) * | 2015-12-15 | 2016-04-27 | 南京信息工程大学 | Linear network cache substitution method |
Non-Patent Citations (2)
Title |
---|
《An Efficient Access Control Optimizing Technique Based on Local Agency in Cryptographic Cloud Storage》;Shidong Zhu等;《ICCCS 2015: Cloud Computing and Security》;20160105;全文 * |
《基于PageRank的缓存替换策略基于PageRank的缓存替换策略》;肖敬伟;《信息技术》;20160625(第6期);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN107329911A (en) | 2017-11-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Li et al. | Efficient multi-keyword ranked query over encrypted data in cloud computing | |
CN106803784B (en) | Lattice-based multi-user fuzzy searchable encryption method in secure multimedia cloud storage | |
Yuan et al. | SEISA: Secure and efficient encrypted image search with access control | |
US8832427B2 (en) | Range-based queries for searchable symmetric encryption | |
US8898478B2 (en) | Method for querying data in privacy preserving manner using attributes | |
Rashid et al. | A secure data deduplication framework for cloud environments | |
CN106610995B (en) | Method, device and system for creating ciphertext index | |
CN109361644B (en) | Fuzzy attribute based encryption method supporting rapid search and decryption | |
CN111026788A (en) | Homomorphic encryption-based multi-keyword ciphertext sorting and retrieving method in hybrid cloud | |
US8769302B2 (en) | Encrypting data and characterization data that describes valid contents of a column | |
CN104967693A (en) | Document similarity calculation method facing cloud storage based on fully homomorphic password technology | |
CN110866135B (en) | Response length hiding-based k-NN image retrieval method and system | |
Zhang et al. | PRMS: A personalized mobile search over encrypted outsourced data | |
Chen et al. | DMRS: an efficient dynamic multi-keyword ranked search over encrypted cloud data | |
CN112332979B (en) | Ciphertext search method, system and equipment in cloud computing environment | |
CN107329911B (en) | Cache replacement method based on CP-ABE attribute access mechanism | |
Gao et al. | Secure data deduplication for Internet-of-things sensor networks based on threshold dynamic adjustment | |
Sreelatha et al. | Integrity and memory consumption aware electronic health record handling in cloud | |
Rasina Begum et al. | SEEDDUP: a three-tier SEcurE data DedUPlication architecture-based storage and retrieval for cross-domains over cloud | |
US11461551B1 (en) | Secure word search | |
Zhang et al. | Efficient personalized search over encrypted data for mobile edge-assisted cloud storage | |
Lam et al. | Gpu-based private information retrieval for on-device machine learning inference | |
Rajkumar et al. | Fuzzy-Dedup: A secure deduplication model using cosine based Fuzzy interference system in cloud application | |
Zheng et al. | An efficient multikeyword fuzzy ciphertext retrieval scheme based on distributed transmission for Internet of Things | |
CN115310125A (en) | Encrypted data retrieval system, method, computer equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |