CN108200074A - A kind of logistics big data access control system and method based on encryption attribute - Google Patents
A kind of logistics big data access control system and method based on encryption attribute Download PDFInfo
- Publication number
- CN108200074A CN108200074A CN201810033267.9A CN201810033267A CN108200074A CN 108200074 A CN108200074 A CN 108200074A CN 201810033267 A CN201810033267 A CN 201810033267A CN 108200074 A CN108200074 A CN 108200074A
- Authority
- CN
- China
- Prior art keywords
- key
- data
- logistics
- encryption
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of logistics big data access control system and method based on encryption attribute, wherein, four entities are included in the system:Trusted authority center, logistics data owner, logistics data visitor, Cloud Server;Access control method includes the following steps:Common parameter initialization, the generation of user's decrypted private key, data encryption and data deciphering.The invention has the beneficial effects that:In the method, logistics data owner oneself oneself will think that logistics information to be sharing is uploaded to Cloud Server, solve the problems, such as how to realize that logistics data is shared between different loglstics enterprises;The method introduces the access control scheme of the encryption attribute based on Ciphertext policy, and the access control to user is also achieved while ensure that data confidentiality.Present invention primarily contemplates the computing cost problems for reducing data owner and data visitor, realize the fine-granularity access control and safety certification of user.
Description
Technical field
The invention belongs to the field of information security technology in big data environment, specially a kind of logistics based on encryption attribute
Big data access control system and method.
Background technology
In recent years, the extensive concern of all circles is received as the big data technology of the important component of information technology, and
It has been widely applied to all directions such as logistics, power grid, electric business, traffic.China Logistics industry achieves winged in recent years
The development of speed, nowadays, using information technology come to promote the fast development of logistic industry be also one of current hot spot direction.Logistics
Big data generally refers mainly to the various information number that article is collected into the process of circulation by internet, Internet of Things and RFID etc.
According to.Logistics information can be shared between different loglstics enterprises to realize that utilizing for data maximizes, is by carrying out data analysis
User provides more reasonable and preferably service.
Cloud computing is a kind of new technique pattern that can provide various data services to the user, by will largely count
Calculate money storage resource, the resources such as software effectively link together calculating, storage and the application service that provides to the user and can determine.But
Logistics information generally comprises the private datas such as customer, enterprise, therefore under cloud computing environment, and the secret protection of logistics data is will
The matter of utmost importance of solution.Encryption system based on attribute is relatively suitably applied the secure access of shared data under cloud computing environment
Control program, many schemes are in terms of access control flexibility, safety and operational efficiency, all in the presence of the ground that can be improved and develop
Side.
Invention content
The purpose of the present invention is to provide a kind of logistics big data access control system and method based on encryption attribute, with
Solve the problems mentioned above in the background art.
To achieve the above object, the present invention provides a kind of logistics big data access control system and side based on encryption attribute
Method, which is characterized in that including four entities:Trusted authorization center, logistics data owner, logistics data visitor, cloud service
Device.
Trusted authorization center (TrustedAuthorization Center, TAC):It is mainly used for the public affairs of generation system
Parameter PK and master key MK altogether, and participate in the negotiation of session key between Cloud Server and user.
Logistics data owner (Logistics Data Owner, LDO):Representative, which possesses, thinks logistics information to be sharing in plain text
User.In this access control method, logistics data owner is not directly to carry out attribute to plaintext using Ciphertext policy to add
It is close, but selected symmetric key carries out symmetric cryptography to data, the access strategy cryptographic symmetrical for then reusing oneself definition is close
Key.
Logistics data visitor (Logistics Data Visitors, LDV):Logistics data visitor can read cloud
Encryption data in storage server, it is then close so as to obtain decrypted symmetric key to TAC by submitting the attribute set of oneself
The private key of text, if the user property of logistics data visitor meets the access strategy that logistics data owner defines, will pass through
The private key decryption of TAC distributions obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message.
Cloud Server (Cloud Storage Provider, CSP):Cloud Server provides logistics data storage and logistics number
According to two class services of management, it is believed that Cloud Server is suspicious but honest, it will honestly perform every appoint according to the rules
Business.
For the system entity of foregoing description, the program comprises the steps of:
A. Setup (1 is initializedk):This part is completed by TAC, the multiplicative cyclic group G that selected order is p and generation member is g0,
Construct Bilinear map e:G0×G0→GT, generate common parameter PK and master key MK.
B. key generation KeyGen (MK, A, u):This algorithm is completed by TAC, generates the decrypted private key of logistics data visitor
And the session key that CSP communicates with user securityWherein MK is system master key, and A represents user property set, u tables
Show system ordinary user.
C. data encryption Encrypt (PK, Km,T,M):This algorithm is performed by data sharing person, and user defines access strategy
T, with common parameter PK, plaintext M, symmetric cryptographic key KmAnd the access strategy T that user formulates is input, LDO uses symmetrical
Encrypted mode carries out symmetric cryptography to the logistics data for wanting to upload, and selects a symmetric cryptographic key K firstmTo data into
Row encryption generates the ciphertext C of plaintext M symmetric cryptographym, by CmAs the object of encryption attribute, after the encryption of ciphertext access strategy
Symmetric key ciphertext Ck, ultimately generate ciphertext C.
D. data re-encryption ReEncrypt (Cm,Ck,G):This algorithm is performed by CSP, and CSP is each set of properties GiWith
Machine selects a re-encrypted private keyAnd re-encryption ciphertext is established for each group of attribute, CSP utilizes the meeting negotiated
Words key pair re-encrypted private key is encrypted, and generates a message header corresponding with the ciphertext
Wherein G represents the attribute of user group.
E. data deciphering Decypt (Ck,A,SK,Km):LDV obtains ciphertext and its corresponding message header Head, LDV profit from CSP
Re-encrypted private key is obtained with session key decryption ciphertextCounterweight encrypted cipher text is decrypted to obtain C firstm, then using pair
Claim key KmDecrypt ciphertext CmObtain plaintext M
Description of the drawings
Fig. 1 is present system frame diagram;
Fig. 2 is the access control flow chart of the present invention;
Fig. 3 is the access-control protocol flow chart of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.Based on this
Embodiment in invention, the every other reality that those of ordinary skill in the art are obtained without making creative work
Example is applied, shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a kind of logistics big data access control system and method based on encryption attribute, it is
System includes following four entities:
A. trusted authorization center (Trusted Authorization Center, TAC):It is mainly used for generation system
Common parameter PK and master key MK, and participate in the negotiation of session key between Cloud Server and user.
B. logistics data owner (Logistics Data Owner, LDO):Representative, which possesses, thinks that logistics information to be sharing is bright
The user of text.In this access control method, logistics data owner is not directly to carry out attribute to plaintext using Ciphertext policy
Encryption, but selected symmetric key carries out symmetric cryptography to data, then reuses the access strategy cryptographic symmetrical of oneself definition
Key.
C:Logistics data visitor (Logistics Data Visitors, LDV):Logistics data visitor can read
Encryption data on cloud storage service device, then by submitting the attribute set of oneself to TAC so as to obtain decrypted symmetric key
The private key of ciphertext, will be logical if the user property of logistics data visitor meets the access strategy that logistics data owner defines
The private key decryption for crossing TAC distributions obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message.
D:Cloud Server (Cloud Storage Provider, CSP):Cloud Server provides logistics data storage and logistics
Two class service of data management, it is believed that Cloud Server is suspicious but honest, it will honestly perform items according to the rules
Task.
Referring to Fig. 2, the present invention provides a kind of logistics big data access control method and system based on encryption attribute, visit
Ask that control method comprises the following steps:
A. Setup (1 is initializedk):This part is completed by TAC, generates common parameter PK and master key MK.
Specifically, step A further comprises:
A-a:Select multiplicative cyclic group G of the order for element p numbers0, wherein G0A generation member for g, define open mapping H:
{0,1}*→G0;
A-b:Construct Bilinear map e:G0×G0→GT;
A-c:Select random number α, β ∈ Zp, computing system common parameter PK and system master key MK, wherein ZpRepresent mould p's
Integer, specific configuration are as follows:
PK={ G0, g, h=gβ,e(g,g)α, MK={ β, gα}
B. key generation KeyGen (MK, A, u):This algorithm is completed by TAC, generates the decrypted private key of logistics data visitor
And the session key that CSP communicates with user security, wherein MK are system master key, A represents user property set, and u represents system
Unite ordinary user.
Specifically, step B further comprises:
B-a:The generation of user's decrypted private key SK.TAC performs algorithm KeyGen (MK, A, u) and generates logistics data visitor
Decrypted private key SK, trusted authorization center selection r ∈ Zp, and select random number r for attribute i ∈ A each in attribute seti∈
Zp, SK is exported as input parameter, it is specific as follows:
B-b:The generation of session key.In order to ensure user uiSecure communication between CSP, using public encryption system
A session key is negotiated with key agreement protocol
Specifically, step B-b further comprises:
B-b1:CSP by the identity of oneself and access ciphertext user uiIdentity issue TAC, it is specific as follows:
B-b2:TAC sends a public key certificate to CSP, specific as follows:
B-b3:CSP sends a session key to userAnd with the private key SK of oneselfCSPAnd the public key of userIt is encrypted, and ciphertext is issued to user u together with public key certificatei, it is specific as follows:
C. data encryption Encrypt (PK, Km,T,M):This algorithm is performed by data sharing person, with common parameter PK, plaintext
M, symmetric cryptographic key KmAnd the access strategy that user formulates is input, can generate the ciphertext C of plaintext M symmetric cryptography in the processm
And utilize the encrypted symmetric key ciphertext C of ciphertext access strategyk, ultimately generate ciphertext C.
Specifically, step C further comprises:
C-a:User defines the tree-like access structure T of Ciphertext policy, and algorithm needs each node definition to access tree
One multinomial qx, since root node root, the multinomial of each node is generated at random using top-down mode, if
The threshold value for accessing tree construction interior joint x is kx, then the degree d of the nodexIt is set as kx-1。
C-b:Data owner setsRandomly choose drootA node completes multinomial qroot's
Definition for the node x other than root node, sets qx(0)=qparent(x)(index (x)), multinomial others dxEach node according to
It is old that random manner is taken to select.
C-c:LDO carries out symmetric cryptography using the mode of symmetric cryptography to the logistics data for wanting to upload, and first selects one
Symmetric cryptographic key KmData are encrypted, it is specific as follows:
C-d:By KmAs the object of encryption attribute, C is calculatedk, it is specific as follows:
Wherein i represents property element corresponding with leafy node y.
C-e:By CkAnd CmIt is uploaded to Cloud Server.
D. data re-encryption ReEncrypt (Cm,Ck,G):This algorithm is performed by CSP, when the attribute of logistics data owner
When set changes, CSP is needed to CkRe-encryption operation is carried out, wherein G represents the attribute of user group.
Specifically.Step D further comprises:
D-a:CSP is each set of properties GiRandomly choose a re-encrypted private keyAnd it is each group of category
Property establishes re-encryption ciphertext, specific as follows:
D-b:CSP is encrypted re-encrypted private key using the session key of negotiation, and generation one is corresponding with the ciphertext
Message header Head:
E. data deciphering Decypt (Ck,A,SK,Km):Logistics data visitor first obtains ciphertext from cloud server end, then
Perform this operation.
Specifically, step E further comprises:
E-a:LDV obtains ciphertext from CSP and its corresponding message header Head, LDV are weighed using session key decryption ciphertext
Encryption key, i.e.,:
E-b:Define recursive decipherment algorithm DecryptNode (Ck, SK, x), for the leafy node in access strategy,
I=att (x) is defined, for non-leaf nodes x, defines i=index (z), S'x={ index (z):z∈Sx,Specific decryption is as follows:
Wherein z represents the child node of node x.
E-c:Counterweight encrypted cipher text first is decrypted, and then utilizes the symmetric key K obtained in step E-bmDecryption obtains
It obtains in plain text, it is specific as follows:
Claims (7)
1. a kind of logistics big data access control system based on encryption attribute, which is characterized in that including four entities:Trusted
Authorization center, logistics data owner, logistics data visitor, Cloud Server are attached by internet between four entities,
Specially:
A. trusted authorization center Trusted Authorization Center, TAC:For generating the common parameter PK of system
With master key MK, and the negotiation of session key between Cloud Server and user is participated in;
B. logistics data owner Logistics Data Owner, LDO:Represent the use for possessing and thinking logistics information plaintext to be sharing
Family;In this access control method, logistics data owner is not directly to carry out encryption attribute to plaintext using Ciphertext policy, and
It is that selected symmetric key carries out symmetric cryptography to data, then reuses the access strategy encrypted symmetric key of oneself definition;
C:Logistics data visitor Logistics Data Visitors, LDV:Logistics data visitor can read cloud storage
Encryption data on server, then by submitting the attribute set of oneself to TAC so as to obtain decrypted symmetric key ciphertext
Private key if the user property of logistics data visitor meets the access strategy that logistics data owner defines, will pass through TAC points
The private key decryption of hair obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message;
D:Cloud Server Cloud Storage Provider, CSP:Cloud Server provides logistics data storage and logistics data pipe
Manage two class services, it is believed that Cloud Server is suspicious but honest, it will honestly perform each task according to the rules.
2. the method for system according to claim 1, which is characterized in that comprise the steps of:
A. it initializes:Perform Setup (1k), this part is completed by TAC, generates common parameter PK and master key MK;
B. key generates:KeyGen (MK, A, u) is performed, this algorithm is completed by TAC, and the decryption for generating logistics data visitor is private
The session key that key and CSP communicate with user security, wherein MK are system master key, and A represents user property set, and u is represented
System ordinary user;
C. data encryption:Perform Encrypt (PK, Km, T, M), this algorithm is performed by data sharing person, with common parameter PK, plaintext
M, symmetric cryptographic key KmAnd the access strategy that user formulates is input, can generate the ciphertext C of plaintext M symmetric cryptography in the processm
And utilize the encrypted symmetric key ciphertext C of ciphertext access strategyk, ultimately generate ciphertext C;
D. data re-encryption:Perform Re Encrypt (Cm,Ck, G), this algorithm is performed by CSP, when the category of logistics data owner
When property set changes, CSP is needed to CkRe-encryption operation is carried out, wherein G represents the attribute of user group;
E. data deciphering:Perform Decypt (Ck,A,SK,Km), logistics data visitor will hold after obtaining ciphertext from cloud server end
This operation of row.
3. according to the method described in claim 2, it is characterized in that, the step A is further included:
A-a:Select multiplicative cyclic group G of the order for element p numbers0, wherein G0A generation member for g, define open mapping H:{0,1}*
→G0;
A-b:Construct Bilinear map e:G0×G0→GT;
A-c:Select random number α, β ∈ Zp, computing system common parameter PK and system master key MK, wherein ZpRepresent that mould p's is whole
Number, specific configuration are as follows:
PK={ G0, g, h=gβ,e(g,g)α, MK={ β, gα}。
4. according to the method described in claim 2, it is characterized in that, the step B is further included:
B-a:The generation of user's decrypted private key SK;TAC performs the solution that algorithm KeyGen (MK, A, u) generates logistics data visitor
Close private key SK, trusted authorization center selection r ∈ Zp, and select random number r for attribute i ∈ A each in attribute seti∈Zp, with
This exports SK for input parameter, specific as follows:
B-b:The generation of session key.In order to ensure user uiSecure communication between CSP, using public encryption system and close
Key agreement protocol negotiates a session key
5. according to the method described in claim 2, it is characterized in that, the step C is further included:
C-a:User defines the tree-like access structure T of Ciphertext policy, and algorithm needs each node definition one to access tree
Multinomial qx, since root node root, the multinomial of each node is generated at random using top-down mode, if accessed
The threshold value of tree construction interior joint x is kx, then the degree d of the nodexIt is set as kx-1;
C-b:Data owner setsRandomly choose drootA node completes multinomial qrootDefinition,
For the node x other than root node, q is setx(0)=qparent(x)(index (x)), multinomial others dxEach node is still adopted
Random manner is taken to select;
C-c:LDO carries out symmetric cryptography using the mode of symmetric cryptography to the logistics data for wanting to upload, and first selection one is symmetrical
Encryption key KmData are encrypted, it is specific as follows:
C-d:By KmAs the object of encryption attribute, C is calculatedk, it is specific as follows:
Wherein calculating formula att (y) represents property element corresponding with leafy node y;
C-e:By CkAnd CmIt is uploaded to Cloud Server.
6. according to the method described in claim 2, it is characterized in that, the step D is further included:
D-a:CSP is each set of properties GiRandomly choose a re-encrypted private keyAnd it is built for each group of attribute
Vertical re-encryption ciphertext, it is specific as follows:
D-b:CSP is encrypted re-encrypted private key using the session key of negotiation, and generates one and corresponding with the ciphertext disappear
Cease head Head:
7. according to the method described in claim 2, it is characterized in that, the step E is further included:
E-a:LDV obtains ciphertext from CSP and its corresponding message header Head, LDV obtain re-encryption using session key decryption ciphertext
Key, i.e.,:
E-b:Define recursive decipherment algorithm DecryptNode (Ck, SK, x), for the leafy node in access strategy, define i
=att (x) for non-leaf nodes x, defines i=index (z), S'x={ index (z):z∈Sx,Specific decryption is as follows:
Wherein z represents the child node of node x;
E-c:Counterweight encrypted cipher text first is decrypted, and then utilizes the symmetric key K obtained in step E-bmDecryption obtains bright
Text, it is specific as follows:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810033267.9A CN108200074A (en) | 2018-01-14 | 2018-01-14 | A kind of logistics big data access control system and method based on encryption attribute |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810033267.9A CN108200074A (en) | 2018-01-14 | 2018-01-14 | A kind of logistics big data access control system and method based on encryption attribute |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108200074A true CN108200074A (en) | 2018-06-22 |
Family
ID=62589103
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810033267.9A Pending CN108200074A (en) | 2018-01-14 | 2018-01-14 | A kind of logistics big data access control system and method based on encryption attribute |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108200074A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109831444A (en) * | 2019-02-28 | 2019-05-31 | 南京邮电大学 | A kind of encryption attribute cloud storage access control method based on agency |
CN113411323A (en) * | 2021-06-16 | 2021-09-17 | 上海应用技术大学 | Medical record data access control system and method based on attribute encryption |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916954A (en) * | 2012-10-15 | 2013-02-06 | 南京邮电大学 | Attribute-based encryption cloud computing safety access control method |
CN103220291A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Access control method base on attribute encryption algorithm |
CN104584509A (en) * | 2014-12-31 | 2015-04-29 | 深圳大学 | An access control method, a device and a system for shared data |
CN108200066A (en) * | 2018-01-04 | 2018-06-22 | 南京邮电大学 | A kind of logistics big data access control system and method based on encryption attribute |
-
2018
- 2018-01-14 CN CN201810033267.9A patent/CN108200074A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916954A (en) * | 2012-10-15 | 2013-02-06 | 南京邮电大学 | Attribute-based encryption cloud computing safety access control method |
CN103220291A (en) * | 2013-04-09 | 2013-07-24 | 电子科技大学 | Access control method base on attribute encryption algorithm |
CN104584509A (en) * | 2014-12-31 | 2015-04-29 | 深圳大学 | An access control method, a device and a system for shared data |
CN108200066A (en) * | 2018-01-04 | 2018-06-22 | 南京邮电大学 | A kind of logistics big data access control system and method based on encryption attribute |
Non-Patent Citations (1)
Title |
---|
余家福: "基于属性加密的云存储数据访问控制研究", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109831444A (en) * | 2019-02-28 | 2019-05-31 | 南京邮电大学 | A kind of encryption attribute cloud storage access control method based on agency |
CN113411323A (en) * | 2021-06-16 | 2021-09-17 | 上海应用技术大学 | Medical record data access control system and method based on attribute encryption |
CN113411323B (en) * | 2021-06-16 | 2022-09-30 | 上海应用技术大学 | Medical record data access control system and method based on attribute encryption |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US12086799B2 (en) | Method and system for zero-knowledge and identity based key management for decentralized applications | |
CN108200066A (en) | A kind of logistics big data access control system and method based on encryption attribute | |
CN104486307B (en) | A kind of fraction key management method based on homomorphic cryptography | |
CN104079574B (en) | User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment | |
CN105991278B (en) | A kind of ciphertext access control method based on CP-ABE | |
CN103618728B (en) | A kind of encryption attribute method at more mechanism centers | |
CN103959735B (en) | For providing the system and method communicated in safe multicasting cluster | |
Huang et al. | Blockchain-assisted transparent cross-domain authorization and authentication for smart city | |
Zhang et al. | Feacs: A flexible and efficient access control scheme for cloud computing | |
CN107864040A (en) | A kind of intelligent grid big data information management system based on safe cloud computing | |
Sethia et al. | CP-ABE for selective access with scalable revocation: A case study for mobile-based healthfolder. | |
Zhang et al. | A secure revocable fine-grained access control and data sharing scheme for SCADA in IIoT systems | |
CN114697042A (en) | Block chain-based Internet of things security data sharing proxy re-encryption method | |
CN105790929B (en) | Access control method in a kind of encryption environment that rule-based redundancy is eliminated | |
Almuzaini et al. | Key Aggregation Cryptosystem and Double Encryption Method for Cloud‐Based Intelligent Machine Learning Techniques‐Based Health Monitoring Systems | |
CN108200074A (en) | A kind of logistics big data access control system and method based on encryption attribute | |
Aluvalu et al. | A novel and secure approach for quantum key distribution in a cloud computing environment | |
Manjusha et al. | Comparative study of attribute based encryption techniques in cloud computing | |
CN110492997A (en) | A kind of encryption system based on super account book, method, apparatus and storage medium | |
Kaur et al. | Authentication and context awareness access control in Internet of Things: A review | |
Fan et al. | EIV-BT-ABE: Efficient Attribute-Based Encryption With Black-Box Traceability Based On Encrypted Identity Vector | |
Zhao et al. | Research on digital identity technology and application based on identification code and trusted account blockchain fusion | |
Vishnukumar et al. | Scalable Access Control in Cloud Computing Using Hierarchical Attribute Set Based Encryption (HASBE) | |
Sathana et al. | Three level security system for dynamic group in cloud | |
Divya et al. | Secure Data Sharing in Cloud Environment Using Multi Authority Attribute Based Encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20180622 |
|
WD01 | Invention patent application deemed withdrawn after publication |