CN108111540B - Hierarchical access control system and method supporting data sharing in cloud storage - Google Patents

Publication number: CN108111540B
Authority: CN (China)
Prior art keywords: user, user group, key, group, data
Legal status: Active
Application number: CN201810091589.9A
Other languages: Chinese (zh)
Other versions: CN108111540A (en)
Inventors: 陈晓峰, 邱震尧, 张志为, 陶晓玲, 王勇
Current Assignee: Xidian University
Original Assignee: Xidian University
Application filed by Xidian University
Priority to CN201810091589.9A
Publication of CN108111540A
Application granted
Publication of CN108111540B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical field of protecting data access through a platform, and discloses a hierarchical access control system and method supporting data sharing in cloud storage. The method comprises the following steps: the trusted authorization center generates system secret information and public information and publishes the system public information to users; the trusted authorization center generates a key for each user group, based on a key aggregation method and according to the user group hierarchy, and distributes it to all corresponding users; a user encrypts the data to be shared using the system public information of any target user group, and uploads it to the cloud server for storage; a legitimate user obtains the ciphertext data stored in the cloud server and decrypts it using the user group key; when the access right of a user needs to be revoked, the trusted authorization center and the cloud server perform the system update and re-encryption processes. The invention realizes, under a public key cryptosystem and for a cloud storage environment, hierarchical access control that supports flexible and secure data sharing and requires no key derivation process.

Description

Hierarchical access control system and method supporting data sharing in cloud storage
Technical Field
The invention belongs to the technical field of data access protection through a platform, and particularly relates to a hierarchical access control system and method supporting data sharing in cloud storage.
Background
The current state of the art commonly used in the industry is as follows: cloud computing is a new computing model that, based on dynamically scalable virtualization technology, treats computing as a resource and provides on-demand computing services over the internet to users with limited resources. As the amount of data in cyberspace grows explosively, storing that data becomes an increasingly prominent problem. The cloud storage service is an extension of cloud computing technology and provides an outsourced storage solution for data. The cloud service provider uses cloud storage servers to provide data storage resources and related management services to users. A user pays a fee to purchase the storage service and outsources the storage of the relevant data to the cloud server. Compared with an organization or individual user deploying its own storage equipment and management software, outsourced storage has the advantages of low cost, on-demand selection, convenient management and access from anywhere. However, the data a user outsources may contain sensitive information, such as confidential government documents, enterprise business data and personal medical information, so the cloud storage model, while convenient, also brings security threats to the data the user stores in the cloud. Once the user uploads data to the cloud server, the user can only access and process the outsourced data remotely. The user is therefore likely to lose control over the outsourced data. Moreover, besides malicious attackers, the cloud service provider may, driven by its own interests, operate in a semi-trusted mode: it strictly follows the protocol, but tries to learn as much of the user's private information as possible through its interaction with the user.
Therefore, a user should encrypt data and store it on the cloud server as ciphertext, so that the information is not leaked to unauthorized users; how to let multiple users securely share data and control access to it under the cloud storage model has become an urgent problem. Existing schemes for secure sharing and access control of cloud storage data are generally based on attribute-based encryption (ABE): a set of attributes is assigned to each user according to the user's identity, different access control policies are defined for files with different access requirements, and only users whose attributes satisfy a file's access control policy can decrypt the file. However, in some common real-world cloud storage scenarios, such as enterprise clouds and government clouds, users are organized hierarchically: different users belong to different user groups, the user groups have a hierarchical relationship, a higher-level user has the right to access the data of its subordinate users, and a lower-level user cannot access the data of a higher-level user. For data access control in such hierarchical scenarios, a cryptography-based solution was first proposed in which the hierarchy among user sets is described as a partially ordered set relation among security classes, and a collusion-resistant hierarchical key management scheme was built on a symmetric cryptosystem using several theorems from number theory. In that scheme, however, the key size grows rapidly as the breadth and depth of the user hierarchy increase, so it does not scale to large, complex structures.
A hierarchical access control scheme for tree structures was then proposed based on the idea of one-way functions; in that scheme each user holds a single key of fixed size. Later, a multi-user secure access control scheme for outsourced data was proposed; it assumes a tree-shaped user hierarchy and uses a key derivation method based on one-way functions, which overcomes the drawback that each user must store multiple symmetric encryption keys. A dynamic hierarchical key management scheme expresses the partial order among security classes as a directed graph, and realizes key derivation from any higher-level class to its lower-level descendant classes by assigning specific public information to the nodes and edges of the graph and using a hash function. Current hierarchical access control methods are mostly based on symmetric cryptosystems, and a user generally holds only the symmetric keys of itself and its subordinate users, so a user cannot encrypt the data to be shared with the keys of other users and thereby share, in cloud storage, ciphertext that the other party can decrypt.
In summary, the problem with the prior art is as follows: in hierarchical access control methods based on a symmetric cryptosystem, a user generally cannot share with an arbitrary other user ciphertext data that the other party can decrypt, so these methods are not suitable for secure data sharing in cloud storage.
The difficulty and significance of solving this technical problem are as follows: the difficulty lies in how to apply and improve cryptographic methods under a public key cryptosystem to realize hierarchical key management in scenarios where users are organized hierarchically; solving it enables flexible data sharing with users at any level in a cloud storage environment, and hierarchical access control without a key derivation process.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides a hierarchical access control system and a hierarchical access control method for supporting data sharing in cloud storage.
The invention is realized in such a way that a hierarchical access control method supporting data sharing in cloud storage comprises the following steps: the trusted authorization center generates system secret information and public information and discloses the system public information to the user; the trusted authorization center generates a key of each user group based on a key aggregation method according to the user group hierarchical structure and distributes the key to all corresponding users; the user encrypts data to be shared by using system public information of any target user group, and uploads and stores the data to the cloud server; a legal user acquires ciphertext data stored in the cloud server and decrypts the data by using a user group key; when the access right of a certain user needs to be revoked, the trusted authorization center and the cloud server perform system updating and re-encryption processes.
Further, the hierarchical access control method supporting data sharing in cloud storage comprises the following steps:
(1) The trusted authority runs the system establishment algorithm $\mathrm{Setup}(1^\lambda, G)$: it takes as input the security parameter $1^\lambda$ and the user group hierarchy $G$, generates a random number $\alpha$ that is not disclosed externally, system parameters $\{\gamma_i\}$ representing the n user groups that are not disclosed externally, the identities $\{\mathit{id}_i\}$ of the n user groups, the public matrix $M$ and the system public parameter $\mathit{param}$, and publishes the user group identities $\{\mathit{id}_i\}$, the public matrix $M$ and the system public parameter $\mathit{param}$;
(2) The trusted authority generates and distributes a key for each user group in the system: it runs the key generation algorithm $\mathrm{KeyGen}(G, \mathit{param}, i, \gamma_i)$, which takes as input the user group hierarchy $G$, the system public parameter $\mathit{param}$, the serial number $i$ of the user group whose key is to be distributed and the corresponding system parameter $\gamma_i$, generates the key $K_i$ of user group $i$, and distributes it to all users in user group $i$;
(3) When any user wants to share a file DataFile with the target user group $k$, a hybrid encryption method is used: a symmetric encryption key DEK is randomly generated and the file is encrypted with a symmetric encryption algorithm as $\{\mathit{DataFile}\}_{\mathit{DEK}}$; the encryption algorithm $\mathrm{Encrypt}(\mathit{param}, \mathit{DEK}, k, \mathit{id}_k)$ is then run, taking as input the system public parameter $\mathit{param}$, the symmetric encryption key DEK of the file to be shared, the target user group serial number $k$ and its identity $\mathit{id}_k$, to obtain the ciphertext $C_{\mathit{DEK}}$; the ciphertext header $(k, C_{\mathit{DEK}})$ and the ciphertext body $\{\mathit{DataFile}\}_{\mathit{DEK}}$ are uploaded to the cloud server for storage;
(4) A user $u$ in user group $i$ obtains from the cloud server the ciphertext header $(k, C_{\mathit{DEK}})$ and the ciphertext body $\{\mathit{DataFile}\}_{\mathit{DEK}}$ of target user group $k$, and runs the decryption algorithm $\mathrm{Decrypt}(G, M, \mathit{param}, i, K_i, (k, C_{\mathit{DEK}}))$, which takes as input the user group hierarchy $G$, the public matrix $M$, the system public parameter $\mathit{param}$, the serial number $i$ of the group to which user $u$ belongs and the corresponding key $K_i$, and the ciphertext header $(k, C_{\mathit{DEK}})$. If user group $k$ is user group $i$ or one of its subordinate groups, decryption yields the symmetric key DEK, and DataFile is then obtained by decrypting with the symmetric cryptographic algorithm; otherwise, decryption is not possible;
(5) When a user $v$ in group $l$ needs to be removed from the group, that is, the user no longer has hierarchical access rights to group $l$ and its subordinate groups, the trusted authority runs the update algorithm $\mathrm{Update}(\alpha, \{\gamma_i\}, \mathit{param}, l)$ to update the keys of group $l$, in which the revoked user is located, and of all its subordinate user groups. The algorithm takes as input the undisclosed random number $\alpha$, the undisclosed parameters $\{\gamma_i\}$ representing the n user groups, the system public parameter $\mathit{param}$ and the serial number $l$ of the group of the user $v$ to be revoked, and generates a new public matrix $M'$ and, for user group $l$ and all its subordinate user groups
Figure BDA0001563851910000041
new system parameters $\{\gamma_q'\}$ that are not disclosed to anyone, new identities $\{\mathit{id}_q'\}$, new keys $\{K_q'\}$ and a re-encryption token $\{TK_q\}$ for each user group. It publishes the new $M'$ and $\{\mathit{id}_q'\}$, distributes the new $K_q'$ to the users in user group $l$ and all its subordinate user groups, and sends the re-encryption tokens $(q, TK_q)$ to the cloud server;
The cloud server, for each user group involved, namely user group $l$ and all its subordinate user groups
Figure BDA0001563851910000042
runs the re-encryption algorithm $\mathrm{ReEncrypt}((q, C_{\mathit{DEK}}), TK_q)$, which takes as input the ciphertext header $(q, C_{\mathit{DEK}})$ and the corresponding re-encryption token $TK_q$, generates a new ciphertext header $(q, C_{\mathit{DEK}}')$, and updates it in the cloud server.
Further, the specific process of the system establishment algorithm in (1) is as follows:
$\mathrm{Setup}(1^\lambda, G) \to (\alpha, \{\gamma_i\}, \{\mathit{id}_i\}, M, \mathit{param})$: $G = (V, E)$ is a directed acyclic graph representing the hierarchical structure of the user groups, where $V = \{SC_i\}_{1 \le i \le n}$ represents the vertex set of the n user groups in the system, and $E$ represents the set of directed edges of the partial order relations among the user groups;
Bilinear cyclic groups of prime order p are randomly selected
Figure BDA0001563851910000051
where $2^\lambda \le p \le 2^{\lambda+1}$; in the group
Figure BDA0001563851910000052
In the p-order prime field, a generator g is selected
Figure BDA0001563851910000053
The random number α is selected not to be disclosed externally, and is calculated for i 1
Figure BDA0001563851910000054
The system public parameter is set as $\mathit{param} = (g, g_1, \ldots, g_n, g_{n+2}, \ldots, g_{2n})$;
In the prime field of order p
Figure BDA0001563851910000055
n random numbers $\{\gamma_i\}_{1 \le i \le n}$ are selected for the n user groups in the system, and the identity of each user group i is set as
Figure BDA00015638519100000515
The public matrix is set as:
Figure BDA0001563851910000056
where, if
Figure BDA00015638519100000516
then let
Figure BDA0001563851910000057
so that
Figure BDA0001563851910000058
Otherwise, let $t_{i,k} = 0$.
Further, the key generation algorithm in (2) specifically includes the following processes:
$\mathrm{KeyGen}(G, \mathit{param}, i, \gamma_i) \to K_i$: for the set of user groups in graph G consisting of $SC_i$ and all of its descendant nodes, that is, for all j such that
Figure BDA00015638519100000517
let
Figure BDA0001563851910000059
and compute
Figure BDA00015638519100000510
as the private key of user group i.
Further, the encryption algorithm in (3) specifically comprises the following steps:
$\mathrm{Encrypt}(\mathit{param}, m, k, \mathit{id}_k) \to (k, C_m)$: for any message of the target user group k
Figure BDA00015638519100000511
in the prime field of order p
Figure BDA00015638519100000512
a random number t is selected, and the ciphertext is calculated as
Figure BDA00015638519100000514
Further, the decryption algorithm in (4) specifically includes the following steps:
$\mathrm{Decrypt}(G, M, \mathit{param}, i, K_i, (k, C_m)) \to m_d$: if, in graph G,
Figure BDA00015638519100000513
a user in user group i cannot use the key $K_i$ to decrypt the ciphertext $C_m$, and ⊥ is returned;
if, in graph G,
Figure BDA00015638519100000518
a user in user group i can use the key $K_i$ to decrypt and obtain the plaintext:
Figure BDA0001563851910000061
where
Figure BDA0001563851910000062
can be taken from the public matrix M; $m_d$ is returned.
Further, the specific process of the update algorithm in (5) is as follows:
Figure BDA0001563851910000063
In the prime field of order p
Figure BDA0001563851910000064
new random numbers are selected for the user group l to be updated and for each of its subordinate user groups
Figure BDA0001563851910000065
which are not disclosed to anyone; the identities of the user group l and its subordinate user groups are updated as
Figure BDA0001563851910000066
The elements of the public matrix M related to
Figure BDA0001563851910000067
are updated to generate a new public matrix M', and the private keys of the user group l and its subordinate user groups are recalculated as
Figure BDA0001563851910000068
where
Figure BDA0001563851910000069
A re-encryption token is generated:
Figure BDA00015638519100000610
Further, the specific process of the re-encryption algorithm in (5) is as follows:
$\mathrm{ReEncrypt}((q, C_m), TK_q) \to (q, C_m')$: using the re-encryption token
Figure BDA00015638519100000611
for every ciphertext of the user group q to be updated
Figure BDA00015638519100000612
the element
Figure BDA00015638519100000613
is updated to
Figure BDA00015638519100000614
yielding the new ciphertext
Figure BDA00015638519100000615
Another object of the present invention is to provide a hierarchical access control system supporting data sharing in cloud storage that implements the hierarchical access control method supporting data sharing in cloud storage, the system comprising:
the trusted authorization center module, connected with the hierarchical user group module and the cloud server module, and used for generating the system information and the keys of all user groups in the hierarchical user group module, and for generating re-encryption tokens with which the cloud server module re-encrypts data;
the hierarchical user group module, connected with the trusted authorization center module and the cloud server module, and used for encrypting local data to be shared and storing it in the cloud, obtaining ciphertext data stored in the cloud server module, and submitting data management tasks to the cloud server module;
the cloud server module, connected with the trusted authorization center module and the hierarchical user group module, and used for providing outsourced data storage and ciphertext re-encryption services, storing and managing data on behalf of users.
The invention also aims to provide a cloud storage service system applying the hierarchical access control method supporting data sharing in the cloud storage.
In summary, the advantages and positive effects of the invention are as follows: the invention realizes hierarchical access control under a public key cryptosystem based on a key aggregation method, and a user needs to be given only a single key of fixed length to decrypt the data of the user's own group and of its subordinate user groups. At the same time, a user can share with a user group at any level ciphertext data that the other party can decrypt, without needing the other party's secret key to encrypt the data to be shared, which suits secure sharing of cloud storage data. In addition, decryption requires no key derivation step: a user can directly use the key of the user's own group to decrypt ciphertext data of subordinate user groups. The invention also supports local key update and re-encryption delegated to the cloud server: during user revocation, only the keys of the group of the revoked user and of its subordinate groups need to be updated, the cloud server is entrusted with re-encrypting the data of those user groups, and other user groups are not affected.
The technical effect achieved by the present invention is shown in table 1 in comparison with the prior art.
TABLE 1
Figure BDA0001563851910000071
Drawings
Fig. 1 is a flowchart of a hierarchical access control method for supporting data sharing in cloud storage according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of a hierarchical access control system supporting data sharing in cloud storage according to an embodiment of the present invention; in the figure: 1. trusted authorization center module; 2. hierarchical user group module; 3. cloud server module.
Fig. 3 is a block diagram of a hierarchical access control system supporting data sharing in cloud storage according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention realizes the layered access control under the public key cryptosystem based on the key aggregation method, and can realize the decryption of the data of the user group where the user is located and the subordinate user group only by distributing a single key with a fixed length to the user.
As shown in fig. 1, a hierarchical access control method for supporting data sharing in cloud storage according to an embodiment of the present invention includes the following steps:
S101: System initialization: the trusted authorization center generates system secret information and public information and publishes the system public information to users;
S102: Hierarchical key distribution: the trusted authorization center generates a key for each user group, based on a key aggregation method and according to the user group hierarchy, and distributes it to all corresponding users;
S103: Ciphertext data sharing: a user encrypts the data to be shared using the system public information of any target user group, and uploads it to the cloud server for storage;
S104: Data decryption: a legitimate user obtains the ciphertext data stored in the cloud server and decrypts it using the user group key;
S105: User revocation: when the access right of a user needs to be revoked, the trusted authorization center and the cloud server perform the system update and re-encryption processes.
As shown in fig. 2, the hierarchical access control system supporting data sharing in cloud storage according to an embodiment of the present invention includes: the system comprises a trusted authorization center module 1, a hierarchical user group module 2 and a cloud server module 3.
The trusted authorization center module 1 is connected with the hierarchical user group module 2 and the cloud server module 3, and is used for generating system information and keys of all user groups in the hierarchical user group module 2, and generating a re-encryption token for re-encrypting data by the cloud server module 3;
the hierarchical user group module 2 is connected with the trusted authorization center module 1 and the cloud server module 3, and is used for encrypting the local data to be shared and storing the encrypted data in the cloud, acquiring ciphertext data stored in the cloud server module 3, and submitting a management task of the data to the cloud server module 3;
and the cloud server module 3 is connected with the trusted authorization center module 1 and the layered user group module 2 and is used for providing data outsourcing storage and ciphertext data re-encryption service to replace a user to store and manage data.
The present invention assumes that the cloud server is honest but curious: the cloud server honestly performs the operations specified by the protocol, such as data storage and re-encryption, but may attempt to analyze the ciphertext data it stores to obtain related plaintext information.
The invention discloses a hierarchical access control method supporting data sharing in cloud storage, which mainly realizes the following aims:
Flexible data sharing. Any user can select any user group in the hierarchy as the target group, encrypt the data to be shared, and generate and share ciphertext data that the other party can decrypt.
Security. For ciphertext data stored in the cloud server, only users in a corresponding target user group and a subordinate user group can decrypt the ciphertext data, and the cloud server and other users cannot acquire plaintext information of the data.
Dynamic updating is supported. When a user in a user group exits the user group, the trusted authorization center can update the information related to the user group and the subordinate user groups in the system, and entrust the cloud server to re-encrypt the ciphertext data of the related user group, so as to realize forward and backward security.
In the system of the embodiment of the present invention, the cryptographic primitives used by the system are bilinear pairs, which are described in detail as follows:
Let
Figure BDA0001563851910000101
and
Figure BDA0001563851910000102
be two cyclic groups of prime order p, and let
Figure BDA0001563851910000103
be a mapping having the following properties:
1) Bilinearity: for arbitrary
Figure BDA0001563851910000104
and
Figure BDA0001563851910000105
the relation
Figure BDA0001563851910000106
holds;
2) Non-degeneracy: there exists
Figure BDA0001563851910000107
such that $e(g, g) \neq 1$;
3) Computability: there exists an efficient algorithm such that, for arbitrary
Figure BDA0001563851910000108
$e(g_1, g_2)$ can be computed.
Here,
Figure BDA0001563851910000109
is called a bilinear group. Many types of elliptic curves satisfy the properties of bilinear groups.
Hierarchical access control method of the present invention
(1) System initialization
The trusted authority runs the system establishment algorithm $\mathrm{Setup}(1^\lambda, G)$: it takes as input the security parameter $1^\lambda$ and the user group hierarchy $G$, generates a random number $\alpha$ that is not disclosed externally, system parameters $\{\gamma_i\}$ representing the n user groups that are not disclosed externally, the identities $\{\mathit{id}_i\}$ of the n user groups, the public matrix $M$ and the system public parameter $\mathit{param}$, and publishes the user group identities $\{\mathit{id}_i\}$, the public matrix $M$ and the system public parameter $\mathit{param}$;
(2) hierarchical key distribution
The trusted authority generates and distributes a key for each user group in the system: it runs the key generation algorithm $\mathrm{KeyGen}(G, \mathit{param}, i, \gamma_i)$, which takes as input the user group hierarchy $G$, the system public parameter $\mathit{param}$, the serial number $i$ of the user group whose key is to be distributed and the corresponding system parameter $\gamma_i$, generates the key $K_i$ of user group $i$, and distributes it to all users in user group $i$;
(3) ciphertext data sharing
When any user wants to share a file DataFile with a target user group $k$, a hybrid encryption method is used: first, a symmetric encryption key DEK is randomly generated and the file is encrypted with a symmetric encryption algorithm as $\{\mathit{DataFile}\}_{\mathit{DEK}}$; then the encryption algorithm $\mathrm{Encrypt}(\mathit{param}, \mathit{DEK}, k, \mathit{id}_k)$ is run, taking as input the system public parameter $\mathit{param}$, the symmetric encryption key DEK of the file to be shared, the target user group serial number $k$ and its identity $\mathit{id}_k$, to obtain the ciphertext $C_{\mathit{DEK}}$; the ciphertext header $(k, C_{\mathit{DEK}})$ and the ciphertext body $\{\mathit{DataFile}\}_{\mathit{DEK}}$ are uploaded to the cloud server for storage;
(4) data decryption
A user $u$ in user group $i$ obtains from the cloud server the ciphertext header $(k, C_{\mathit{DEK}})$ and the ciphertext body $\{\mathit{DataFile}\}_{\mathit{DEK}}$ of target user group $k$, and runs the decryption algorithm $\mathrm{Decrypt}(G, M, \mathit{param}, i, K_i, (k, C_{\mathit{DEK}}))$, which takes as input the user group hierarchy $G$, the public matrix $M$, the system public parameter $\mathit{param}$, the serial number $i$ of the group to which user $u$ belongs and the corresponding key $K_i$, and the ciphertext header $(k, C_{\mathit{DEK}})$. If user group $k$ is user group $i$ or one of its subordinate groups, decryption yields the symmetric key DEK, and DataFile is then obtained by decrypting with the symmetric cryptographic algorithm; otherwise, decryption is not possible;
(5) user revocation
In real application scenarios, changes to the user group hierarchy itself, such as adding a user group, deleting a user group, adding a hierarchical relationship or deleting a hierarchical relationship, occur infrequently. In the first case, system initialization and the subsequent steps can be carried out again; in the last three cases, the user group hierarchy G can be updated and key update and re-encryption carried out for the related user groups. The invention mainly considers the more frequent update case: revoking the access right of a user in a user group.
When a user $v$ in group $l$ needs to be removed from the group, that is, the user no longer has hierarchical access rights to group $l$ and its subordinate groups, the trusted authority runs the update algorithm $\mathrm{Update}(\alpha, \{\gamma_i\}, \mathit{param}, l)$ to update the keys of group $l$, in which the revoked user is located, and of all its subordinate user groups. The algorithm takes as input the undisclosed random number $\alpha$, the undisclosed parameters $\{\gamma_i\}$ representing the n user groups, the system public parameter $\mathit{param}$ and the serial number $l$ of the group of the user $v$ to be revoked, and generates a new public matrix $M'$ and, for user group $l$ and all its subordinate user groups
Figure BDA0001563851910000111
new system parameters $\{\gamma_q'\}$ that are not disclosed to anyone, new identities $\{\mathit{id}_q'\}$, new keys $\{K_q'\}$ and a re-encryption token $\{TK_q\}$ for each user group. It publishes the new $M'$ and $\{\mathit{id}_q'\}$, distributes the new $K_q'$ to the users in user group $l$ and all its subordinate user groups, and sends the re-encryption tokens $(q, TK_q)$ to the cloud server;
For each user group involved, namely user group l and all its subordinate user groups
Figure BDA0001563851910000121
the cloud server runs the re-encryption algorithm $\mathrm{ReEncrypt}((q, C_{DEK}), TK_q)$, which takes the ciphertext header $(q, C_{DEK})$ and the corresponding re-encryption token $TK_q$ as input and generates a new ciphertext header $(q, C_{DEK}')$, and the header is updated in the cloud server.
Detailed description of the algorithms involved in the invention
The hierarchical structure of the user groups in the present invention can be represented by a partially ordered set
Figure BDA0001563851910000128
Here, $V = \{SC_1, \ldots, SC_n\}$ is the set of user groups. An element $SC_i$ represents an access group consisting of a single user or of several users with equal access rights. The binary relation
Figure BDA0001563851910000129
represents the hierarchical relationship between the elements of the set V. The notation
Figure BDA00015638519100001210
means that user group $SC_j$ can access the data corresponding to user group $SC_i$; that is, user group $SC_j$ is higher in the access hierarchy than user group $SC_i$. If
Figure BDA00015638519100001211
and there exists no $SC_k \in V$ such that
Figure BDA00015638519100001212
holds, this is written as
Figure BDA00015638519100001213
From the point of view of graph theory, any partially ordered set
Figure BDA00015638519100001214
can be represented as a directed graph $G = (V, E)$. If $SC_i, SC_j \in V$ satisfy
Figure BDA00015638519100001215
then G contains an edge from $SC_j$ to $SC_i$. In the hierarchical access control method of the present invention, a directed acyclic graph is used as the parameter describing the hierarchical structure of the user groups.
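The hierarchy described above decides two things in this scheme: whether Decrypt can succeed for a given target group, and which groups and stored ciphertext headers a revocation in group l touches. The following Python code is an added example, not code from the patent; it models only the graph logic (no pairing cryptography), and the class, the function names and the sample hierarchy are assumptions constructed for illustration.

```python
from collections import defaultdict


class Hierarchy:
    """G = (V, E): an edge (j, i) puts SC_j directly above SC_i, so members
    of SC_j may read data encrypted for SC_i."""

    def __init__(self, groups, edges):
        self.groups = set(groups)
        self.children = defaultdict(set)
        for j, i in edges:
            if j not in self.groups or i not in self.groups:
                raise ValueError(f"edge ({j}, {i}) names an unknown group")
            self.children[j].add(i)
        self._require_acyclic()

    def _require_acyclic(self):
        # Kahn's algorithm; a cycle would make two groups each other's superior.
        indegree = {g: 0 for g in self.groups}
        for j in self.groups:
            for i in self.children[j]:
                indegree[i] += 1
        ready = [g for g, d in indegree.items() if d == 0]
        visited = 0
        while ready:
            g = ready.pop()
            visited += 1
            for i in self.children[g]:
                indegree[i] -= 1
                if indegree[i] == 0:
                    ready.append(i)
        if visited != len(self.groups):
            raise ValueError("hierarchy contains a cycle; G must be a DAG")

    def subordinates(self, i):
        """SC_i together with every descendant of SC_i."""
        if i not in self.groups:
            raise KeyError(i)
        seen, stack = {i}, [i]
        while stack:
            for child in self.children[stack.pop()]:
                if child not in seen:
                    seen.add(child)
                    stack.append(child)
        return seen

    def can_decrypt(self, i, k):
        """Precondition of Decrypt: target group k is group i or lies below it."""
        return k in self.subordinates(i)

    def revocation_scope(self, l):
        """Groups q that Update rekeys when a user is removed from group l."""
        return self.subordinates(l)

    def outside_readers(self, l):
        """Groups that keep their key yet may read a rekeyed group. Inferred
        from the text: Update reissues keys only inside the scope, so these
        groups depend on the republished matrix M'."""
        scope = self.revocation_scope(l)
        return {i for i in self.groups - scope if self.subordinates(i) & scope}


def headers_to_reencrypt(hierarchy, l, stored_headers):
    """Stored (q, object) headers the cloud server must pass through ReEncrypt."""
    scope = hierarchy.revocation_scope(l)
    return [(q, ref) for q, ref in stored_headers if q in scope]


# Constructed sample: group 1 on top, group 4 shared by groups 2 and 3.
SAMPLE = Hierarchy(range(1, 6), [(1, 2), (1, 3), (2, 4), (3, 4), (3, 5)])
STORED = [(4, "obj-a"), (2, "obj-b"), (5, "obj-c"), (1, "obj-d"), (3, "obj-e")]

if __name__ == "__main__":
    print("group 2 opens header for 4:", SAMPLE.can_decrypt(2, 4))
    print("group 2 opens header for 5:", SAMPLE.can_decrypt(2, 5))
    print("rekeyed after revoking in 3:", sorted(SAMPLE.revocation_scope(3)))
    print("rely on M':", sorted(SAMPLE.outside_readers(3)))
    print("re-encrypt:", headers_to_reencrypt(SAMPLE, 3, STORED))
```

In the sample, revoking a user in group 3 also rekeys the shared group 4, so group 2, which was never in the revoked user's group, is affected as an outside reader.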
1) System establishment algorithm $\mathrm{Setup}(1^\lambda, G) \to (\alpha, \{\gamma_i\}, \{id_i\}, M, param)$:
$G = (V, E)$ is a directed acyclic graph representing the hierarchical structure of the user groups, where $V = \{SC_i\}_{1 \le i \le n}$ is the vertex set of the n user groups in the system and E is the set of directed edges representing the partial order relations among the user groups;
A bilinear cyclic group of prime order p is selected at random
Figure BDA0001563851910000122
where $2^\lambda \le p \le 2^{\lambda+1}$. In the group
Figure BDA0001563851910000123
a generator g is selected; in the prime field of order p
Figure BDA0001563851910000124
a random number α, which is not disclosed externally, is selected, and the following is computed for i = 1, …
Figure BDA0001563851910000125
The system public parameter is set as $param = (g, g_1, \ldots, g_n, g_{n+2}, \ldots, g_{2n})$;
In the prime field of order p
Figure BDA0001563851910000126
n random numbers $\{\gamma_i\}_{1 \le i \le n}$ are selected for the n user groups in the system, and the identity of each user group i is set as
Figure BDA0001563851910000127
The public matrix is set as:
Figure BDA0001563851910000131
where, if
Figure BDA00015638519100001315
then let
Figure BDA0001563851910000132
then
Figure BDA0001563851910000133
otherwise, let $t_{i,k} = 0$;
2) Key generation algorithm $\mathrm{KeyGen}(G, param, i, \gamma_i) \to K_i$:
For the set of user groups in graph G comprising $SC_i$ and all its descendant nodes, i.e. all j such that
Figure BDA00015638519100001316
let
Figure BDA0001563851910000134
and compute
Figure BDA0001563851910000135
as the private key of user group i.
3) Encryption algorithm $\mathrm{Encrypt}(param, m, k, id_k) \to (k, C_m)$:
For any message whose target user group is k
Figure BDA0001563851910000136
a random number t is selected in the prime field of order p
Figure BDA0001563851910000137
and the ciphertext is computed as
Figure BDA00015638519100001314
4) Decryption algorithm $\mathrm{Decrypt}(G, M, param, i, K_i, (k, C_m)) \to m_d$:
If, in graph G,
Figure BDA0001563851910000138
then the users in user group i cannot use the key $K_i$ to decrypt the ciphertext $C_m$, and ⊥ is returned;
if, in graph G,
Figure BDA00015638519100001317
then the users in user group i can use the key $K_i$ to decrypt and obtain the plaintext:
Figure BDA0001563851910000139
where
Figure BDA00015638519100001310
can be taken from the public matrix M; $m_d$ is returned.
5) Update algorithm
Figure BDA00015638519100001311
In the prime field of order p
Figure BDA00015638519100001312
new random numbers are selected for the user group l to be updated and each of its subordinate user groups
Figure BDA00015638519100001313
which are not disclosed to anyone, and the identities of user group l and its subordinate user groups are updated
Figure BDA0001563851910000141
The elements of the public matrix M related to
Figure BDA0001563851910000142
are updated to generate a new public matrix M′, and the private keys of user group l and its subordinate user groups are recomputed
Figure BDA0001563851910000143
where
Figure BDA0001563851910000144
A re-encryption token is generated
Figure BDA0001563851910000145
6) Re-encryption algorithm $\mathrm{ReEncrypt}((q, C_m), TK_q) \to (q, C_m')$:
Using the re-encryption token
Figure BDA0001563851910000146
in all ciphertexts of the user group q to be updated
Figure BDA0001563851910000147
the element
Figure BDA0001563851910000148
is updated to
Figure BDA0001563851910000149
which gives the new ciphertext
Figure BDA00015638519100001410
Analysis of correctness
The correctness of the data decryption process in the invention can be obtained by the following detailed derivation process:
For a ciphertext whose target user group is k
Figure BDA00015638519100001414
if
Figure BDA00015638519100001415
then the users in user group i can use, from the public matrix M,
Figure BDA00015638519100001411
and the group key
Figure BDA00015638519100001412
to decrypt and obtain the plaintext:
Figure BDA00015638519100001413
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention; any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (9)

1. A hierarchical access control method supporting data sharing in cloud storage is characterized by comprising the following steps: the trusted authorization center generates system secret information and public information and discloses the system public information to the user; the trusted authorization center generates a key of each user group based on a key aggregation method according to the user group hierarchical structure and distributes the key to all corresponding users; the user encrypts data to be shared by using system public information of any target user group, and uploads and stores the data to the cloud server; a legal user acquires ciphertext data stored in the cloud server and decrypts the data by using a user group key; when the access right of a certain user needs to be revoked, the trusted authorization center and the cloud server perform system updating and re-encryption processes;
the hierarchical access control method supporting data sharing in cloud storage comprises the following steps:
(1) the trusted authority runs the system establishment algorithm $\mathrm{Setup}(1^\lambda, G)$, taking as input the security parameter $1^\lambda$ and the user group hierarchy G, to generate the random number α, which is not disclosed externally, the system parameters $\{\gamma_i\}$ representing the n user groups, which are not disclosed externally, the identities $\{id_i\}$ of the n user groups, the public matrix M and the system public parameter param, and publishes the user group identities $\{id_i\}$, the public matrix M and the system public parameter param;
(2) the trusted authority generates and distributes a key for each user group in the system by running the key generation algorithm $\mathrm{KeyGen}(G, param, i, \gamma_i)$, taking as input the user group hierarchy G, the system public parameter param, the serial number i of the user group whose key is to be distributed and the corresponding system parameter $\gamma_i$, generating the key $K_i$ of user group i and distributing it to all users in user group i;
(3) when any user wants to share the file DataFile with the target user group k, a hybrid encryption method is adopted: a symmetric encryption key DEK is randomly generated and the file is encrypted into $\{DataFile\}_{DEK}$ using a symmetric encryption algorithm; the encryption algorithm $\mathrm{Encrypt}(param, DEK, k, id_k)$ is run, taking as input the system public parameter param, the symmetric encryption key DEK of the file to be shared, the serial number k of the target user group and its identity $id_k$, to obtain the ciphertext $C_{DEK}$; and the ciphertext header $(k, C_{DEK})$ and the ciphertext body $\{DataFile\}_{DEK}$ are uploaded to and stored in the cloud server;
(4) a user u in user group i obtains the ciphertext header $(k, C_{DEK})$ and the ciphertext body $\{DataFile\}_{DEK}$ of a target user group k from the cloud server and runs the decryption algorithm $\mathrm{Decrypt}(G, M, param, i, K_i, (k, C_{DEK}))$, taking as input the user group hierarchy G, the public matrix M, the system public parameter param, the serial number i of the group to which user u belongs, the corresponding key $K_i$ and the ciphertext header $(k, C_{DEK})$; if user group k is user group i or one of its subordinate groups, the symmetric key DEK is obtained by decryption and the symmetric cryptographic algorithm is then used to decrypt and obtain DataFile; otherwise decryption cannot be carried out;
(5) when a user v in group l needs to be removed from the group, i.e. the user no longer has hierarchical access rights to group l and its subordinate groups, the trusted authority runs the update algorithm $\mathrm{Update}(\alpha, \{\gamma_i\}, param, l)$ to update the keys of group l, in which the revoked user resides, and of all its subordinate user groups, taking as input the undisclosed random number α, the undisclosed parameters $\{\gamma_i\}$ representing the n user groups, the system public parameter param and the serial number l of the group of the user v to be revoked, and generating the new public matrix M′ and, for user group l and all its subordinate user groups
Figure FDA0002590761130000021
the new system parameters $\{\gamma_q'\}$, which are not disclosed to anyone, the new identities $\{id_q'\}$, the new keys $\{K_q'\}$ and a re-encryption token $\{TK_q\}$ for each user group; the new M′ and $\{id_q'\}$ are published, the new $K_q'$ is distributed to the users in user group l and all its subordinate user groups, and the re-encryption tokens $(q, TK_q)$ are sent to the cloud server;
for each user group involved, namely user group l and all its subordinate user groups
Figure FDA0002590761130000022
the cloud server runs the re-encryption algorithm $\mathrm{ReEncrypt}((q, C_{DEK}), TK_q)$, taking as input the ciphertext header $(q, C_{DEK})$ and the corresponding re-encryption token $TK_q$, generates a new ciphertext header $(q, C_{DEK}')$, and updates it in the cloud server.
2. The layered access control method for supporting data sharing in cloud storage according to claim 1, wherein the specific process of the system establishment algorithm in (1) is as follows:
$\mathrm{Setup}(1^\lambda, G) \to (\alpha, \{\gamma_i\}, \{id_i\}, M, param)$: $G = (V, E)$ is a directed acyclic graph representing the hierarchical structure of the user groups, where $V = \{SC_i\}_{1 \le i \le n}$ is the vertex set of the n user groups in the system and E is the set of directed edges representing the partial order relations among the user groups;
a bilinear cyclic group of prime order p is selected at random
Figure FDA0002590761130000023
where $2^\lambda \le p \le 2^{\lambda+1}$; in the group
Figure FDA0002590761130000024
a generator g is selected; in the prime field of order p
Figure FDA0002590761130000036
a random number α, which is not disclosed externally, is selected, and the following is computed for i = 1, …
Figure FDA0002590761130000037
the system public parameter is set as $param = (g, g_1, \ldots, g_n, g_{n+2}, \ldots, g_{2n})$;
in the prime field of order p
Figure FDA0002590761130000038
n random numbers $\{\gamma_i\}_{1 \le i \le n}$ are selected for the n user groups in the system, and the identity of each user group i is set as
Figure FDA0002590761130000039
the public matrix is set as:
Figure FDA0002590761130000031
where, if
Figure FDA00025907611300000310
then let
Figure FDA0002590761130000032
then
Figure FDA0002590761130000033
otherwise, let $t_{i,k} = 0$.
3. The layered access control method for supporting data sharing in cloud storage according to claim 1, wherein the key generation algorithm in (2) is specifically performed as follows:
$\mathrm{KeyGen}(G, param, i, \gamma_i) \to K_i$: for the set of user groups in graph G comprising $SC_i$ and all its descendant nodes, i.e. all j such that
Figure FDA00025907611300000311
let
Figure FDA0002590761130000034
and compute
Figure FDA0002590761130000035
as the private key of user group i.
4. The layered access control method for supporting data sharing in cloud storage according to claim 1, wherein the encryption algorithm in (3) specifically comprises the following processes:
$\mathrm{Encrypt}(param, m, k, id_k) \to (k, C_m)$: for any message whose target user group is k
Figure FDA00025907611300000312
a random number t is selected in the prime field of order p
Figure FDA00025907611300000313
and the ciphertext is computed as
Figure FDA00025907611300000314
5. The layered access control method supporting data sharing in cloud storage according to claim 1, wherein the decryption algorithm in (4) specifically comprises the following processes:
$\mathrm{Decrypt}(G, M, param, i, K_i, (k, C_m)) \to m_d$: if, in graph G,
Figure FDA00025907611300000315
then the users in user group i cannot use the key $K_i$ to decrypt the ciphertext $C_m$, and ⊥ is returned;
if, in graph G,
Figure FDA0002590761130000047
then the users in user group i can use the key $K_i$ to decrypt and obtain the plaintext:
Figure FDA0002590761130000041
where
Figure FDA0002590761130000042
can be taken from the public matrix M; $m_d$ is returned.
6. The layered access control method for supporting data sharing in cloud storage according to claim 1, wherein the specific process of updating the algorithm in (5) is as follows:
Figure FDA0002590761130000048
in the prime field of order p
Figure FDA0002590761130000049
new random numbers are selected for the user group l to be updated and each of its subordinate user groups
Figure FDA00025907611300000410
which are not disclosed to anyone, and the identities of user group l and its subordinate user groups are updated
Figure FDA00025907611300000411
the elements of the public matrix M related to
Figure FDA00025907611300000412
are updated to generate a new public matrix M′, and the private keys of user group l and its subordinate user groups are recomputed
Figure FDA0002590761130000043
where
Figure FDA0002590761130000044
a re-encryption token is generated
Figure FDA0002590761130000045
7. The layered access control method for supporting data sharing in cloud storage according to claim 1, wherein the specific process of the re-encryption algorithm in (5) is as follows:
$\mathrm{ReEncrypt}((q, C_m), TK_q) \to (q, C_m')$: using the re-encryption token
Figure FDA0002590761130000046
in all ciphertexts of the user group q to be updated
Figure FDA00025907611300000413
the element
Figure FDA00025907611300000414
is updated to
Figure FDA00025907611300000415
which gives the new ciphertext
Figure FDA00025907611300000416
8. The hierarchical access control system supporting data sharing in cloud storage according to the hierarchical access control method supporting data sharing in cloud storage of claim 1, wherein the hierarchical access control system supporting data sharing in cloud storage includes:
the trusted authorization center module is connected with the hierarchical user group module and the cloud server module, and is used for generating system information and keys of all user groups in the hierarchical user group module, generating a re-encryption token and re-encrypting data by the cloud server module;
the hierarchical user group module is connected with the trusted authorization center module and the cloud server module, and is used for encrypting the local data to be shared and storing the encrypted data in the cloud, acquiring ciphertext data stored in the cloud server module, and submitting a management task of the data to the cloud server module;
and the cloud server module is connected with the trusted authorization center module and the layered user group module and is used for providing data outsourcing storage and ciphertext data re-encryption service to replace a user to store and manage data.
9. A cloud storage service system applying the hierarchical access control method supporting data sharing in the cloud storage according to any one of claims 1 to 7.
CN201810091589.9A 2018-01-30 2018-01-30 Hierarchical access control system and method supporting data sharing in cloud storage Active CN108111540B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810091589.9A CN108111540B (en) 2018-01-30 2018-01-30 Hierarchical access control system and method supporting data sharing in cloud storage

Publications (2)

Publication Number Publication Date
CN108111540A CN108111540A (en) 2018-06-01
CN108111540B true CN108111540B (en) 2020-08-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant