CN108200074A - Logistics big data access control system and method based on attribute-based encryption - Google Patents


Info

Publication number
CN108200074A
Authority
CN
China
Prior art keywords
key
data
logistics
encryption
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810033267.9A
Other languages
Chinese (zh)
Inventor
王海勇
彭垚
丁越
郭凯璇
潘启青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a logistics big data access control system and method based on attribute-based encryption. The system comprises four entities: a trusted authority center, a logistics data owner, a logistics data visitor and a cloud server. The access control method comprises the following steps: public parameter initialization, generation of the user's decryption private key, data encryption and data decryption. The beneficial effects of the invention are as follows: in the method, the logistics data owner itself uploads the logistics information it wishes to share to the cloud server, which solves the problem of how to share logistics data between different logistics enterprises; the method introduces an access control scheme based on ciphertext-policy attribute-based encryption, which achieves access control over users while ensuring data confidentiality. The invention mainly considers reducing the computational overhead of the data owner and the data visitor, and achieves fine-grained access control and security authentication of users.

Description

Logistics big data access control system and method based on attribute-based encryption
Technical field
The invention belongs to the field of information security technology in big data environments, and specifically concerns a logistics big data access control system and method based on attribute-based encryption.
Background
In recent years, big data technology, an important component of information technology, has received extensive attention from all sectors and has been widely applied in areas such as logistics, power grids, e-commerce and transportation. China's logistics industry has developed rapidly in recent years, and using information technology to promote the fast development of the logistics industry is one of the current hot topics. Logistics big data generally refers to the various information collected through the Internet, the Internet of Things, RFID and similar means while goods are in circulation. Logistics information can be shared between different logistics enterprises to maximize the use of the data, and data analysis can then provide users with more reasonable and better services.
Cloud computing is a new technology model that can provide users with various data services: by effectively linking together large quantities of computing resources, storage resources, software and other resources, it provides users with customizable computing, storage and application services. However, logistics information generally contains private data of customers and enterprises, so in a cloud computing environment the privacy protection of logistics data is the first problem to be solved. Attribute-based encryption is well suited to secure access control schemes for shared data in a cloud computing environment, but many schemes still have room for improvement in access control flexibility, security and operating efficiency.
Summary of the invention
The purpose of the present invention is to provide a logistics big data access control system and method based on attribute-based encryption, so as to solve the problems raised in the background section above.
To achieve the above purpose, the present invention provides a logistics big data access control system and method based on attribute-based encryption, characterized in that it includes four entities: a trusted authorization center, a logistics data owner, a logistics data visitor and a cloud server.
Trusted authorization center (Trusted Authorization Center, TAC): mainly used to generate the system's public parameters PK and master key MK, and to take part in negotiating the session key between the cloud server and the user.
Logistics data owner (Logistics Data Owner, LDO): represents the user who holds the plaintext logistics information to be shared. In this access control method, the logistics data owner does not apply ciphertext-policy attribute-based encryption directly to the plaintext. Instead, it selects a symmetric key and symmetrically encrypts the data, and then encrypts the symmetric key under an access policy that it defines itself.
Logistics data visitor (Logistics Data Visitors, LDV): the logistics data visitor can read the encrypted data on the cloud storage server, and then submits its own attribute set to the TAC to obtain the private key for decrypting the symmetric key ciphertext. If the visitor's attributes satisfy the access policy defined by the logistics data owner, decrypting with the private key distributed by the TAC yields the symmetric encryption key, and hence the plaintext; otherwise the plaintext cannot be obtained.
Cloud server (Cloud Storage Provider, CSP): the cloud server provides two kinds of service, logistics data storage and logistics data management. The cloud server is considered suspicious but honest: it honestly performs every task as specified.
For the system entities described above, the scheme comprises the following steps:
A. Initialization Setup($1^k$): This part is completed by the TAC, which selects a multiplicative cyclic group $G_0$ of order $p$ with generator $g$, constructs the bilinear map $e: G_0 \times G_0 \rightarrow G_T$, and generates the public parameters PK and the master key MK.
B. Key generation KeyGen(MK, A, u): This algorithm is completed by the TAC. It generates the decryption private key of the logistics data visitor and the session key with which the CSP communicates securely with the user, where MK is the system master key, A denotes the user's attribute set and u denotes an ordinary system user.
C. Data encryption Encrypt(PK, $K_m$, T, M): This algorithm is performed by the data sharer. The user defines the access policy T; the inputs are the public parameters PK, the plaintext M, the symmetric encryption key $K_m$ and the user-defined access policy T. The LDO symmetrically encrypts the logistics data it wants to upload: it first selects a symmetric encryption key $K_m$ and encrypts the data, generating the symmetric ciphertext $C_m$ of plaintext M. $C_m$ is taken as the object of attribute-based encryption, yielding the symmetric key ciphertext $C_k$ encrypted under the ciphertext access policy, and finally the ciphertext C is generated.
D. Data re-encryption ReEncrypt($C_m$, $C_k$, G): This algorithm is performed by the CSP. The CSP randomly selects a re-encryption key for each attribute group $G_i$ and builds a re-encrypted ciphertext for each attribute group. The CSP encrypts the re-encryption key with the negotiated session key and generates a message header corresponding to the ciphertext,
where G denotes the attributes of the user group.
E. Data decryption Decrypt($C_k$, A, SK, $K_m$): The LDV obtains the ciphertext and its corresponding message header Head from the CSP. The LDV decrypts with the session key to obtain the re-encryption key, first decrypts the re-encrypted ciphertext to obtain $C_m$, and then uses the symmetric key $K_m$ to decrypt the ciphertext $C_m$ and obtain the plaintext M.
Description of the drawings
Fig. 1 is the system framework diagram of the present invention;
Fig. 2 is the access control flow chart of the present invention;
Fig. 3 is the access control protocol flow chart of the present invention.
Detailed description
The technical solution in the embodiments of the present invention is described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative work fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a logistics big data access control system and method based on attribute-based encryption. The system includes the following four entities:
A. Trusted authorization center (Trusted Authorization Center, TAC): mainly used to generate the system's public parameters PK and master key MK, and to take part in negotiating the session key between the cloud server and the user.
B. Logistics data owner (Logistics Data Owner, LDO): represents the user who holds the plaintext logistics information to be shared. In this access control method, the logistics data owner does not apply ciphertext-policy attribute-based encryption directly to the plaintext. Instead, it selects a symmetric key and symmetrically encrypts the data, and then encrypts the symmetric key under an access policy that it defines itself.
C. Logistics data visitor (Logistics Data Visitors, LDV): the logistics data visitor can read the encrypted data on the cloud storage server, and then submits its own attribute set to the TAC to obtain the private key for decrypting the symmetric key ciphertext. If the visitor's attributes satisfy the access policy defined by the logistics data owner, decrypting with the private key distributed by the TAC yields the symmetric encryption key, and hence the plaintext; otherwise the plaintext cannot be obtained.
D. Cloud server (Cloud Storage Provider, CSP): the cloud server provides two kinds of service, logistics data storage and logistics data management. The cloud server is considered suspicious but honest: it honestly performs every task as specified.
Referring to Fig. 2, the present invention provides a logistics big data access control method and system based on attribute-based encryption. The access control method comprises the following steps:
A. Initialization Setup($1^k$): This part is completed by the TAC, which generates the public parameters PK and the master key MK.
Specifically, step A further comprises:
A-a: Select a multiplicative cyclic group $G_0$ whose order is a prime $p$, where $g$ is a generator of $G_0$, and define the public map $H: \{0,1\}^* \rightarrow G_0$.
A-b: Construct the bilinear map $e: G_0 \times G_0 \rightarrow G_T$.
A-c: Select random numbers $\alpha, \beta \in Z_p$ and compute the system public parameters PK and the system master key MK, where $Z_p$ denotes the integers modulo $p$. The construction is as follows:
$$PK = \{G_0,\ g,\ h = g^{\beta},\ e(g,g)^{\alpha}\}, \qquad MK = \{\beta,\ g^{\alpha}\}$$
B. Key generation KeyGen(MK, A, u): This algorithm is completed by the TAC. It generates the decryption private key of the logistics data visitor and the session key with which the CSP communicates securely with the user, where MK is the system master key, A denotes the user's attribute set and u denotes an ordinary system user.
Specifically, step B further comprises:
B-a: Generation of the user's decryption private key SK. The TAC runs the algorithm KeyGen(MK, A, u) to generate the decryption private key SK of the logistics data visitor. The trusted authorization center selects $r \in Z_p$ and, for each attribute $i \in A$ in the attribute set, a random number $r_i \in Z_p$, and outputs SK with these as input parameters, as follows:
B-b: Generation of the session key. To ensure secure communication between user $u_i$ and the CSP, a session key is negotiated using a public-key cryptosystem and a key agreement protocol.
Specifically, step B-b further comprises:
B-b1: The CSP sends its own identity and the identity of the user $u_i$ accessing the ciphertext to the TAC, as follows:
B-b2: The TAC sends a public key certificate to the CSP, as follows:
B-b3: The CSP sends a session key to the user, encrypts it with its own private key $SK_{CSP}$ and the user's public key, and sends the ciphertext together with the public key certificate to user $u_i$, as follows:
C. Data encryption Encrypt(PK, $K_m$, T, M): This algorithm is performed by the data sharer. Its inputs are the public parameters PK, the plaintext M, the symmetric encryption key $K_m$ and the user-defined access policy. In the process it generates the symmetric ciphertext $C_m$ of plaintext M and the symmetric key ciphertext $C_k$ encrypted under the ciphertext access policy, and finally generates the ciphertext C.
Specifically, step C further comprises:
C-a: The user defines the tree access structure T of the ciphertext policy. The algorithm must define a polynomial $q_x$ for each node of the access tree. Starting from the root node root, the polynomial of each node is generated randomly in a top-down manner. If the threshold value of node $x$ in the access tree is $k_x$, the degree $d_x$ of that node's polynomial is set to $k_x - 1$.
C-b: The data owner sets and randomly chooses $d_{root}$ points to complete the definition of the polynomial $q_{root}$. For every node $x$ other than the root node, it sets $q_x(0) = q_{parent(x)}(index(x))$; the other $d_x$ points of the polynomial are likewise chosen at random.
C-c: The LDO symmetrically encrypts the logistics data it wants to upload: it first selects a symmetric encryption key $K_m$ and encrypts the data, as follows:
C-d: $K_m$ is taken as the object of attribute-based encryption and $C_k$ is computed, as follows:
where $i$ denotes the attribute element corresponding to leaf node $y$.
C-e: $C_k$ and $C_m$ are uploaded to the cloud server.
D. Data re-encryption ReEncrypt($C_m$, $C_k$, G): This algorithm is performed by the CSP. When the attribute set of the logistics data owner changes, the CSP needs to perform a re-encryption operation on $C_k$, where G denotes the attributes of the user group.
Specifically, step D further comprises:
D-a: The CSP randomly selects a re-encryption key for each attribute group $G_i$ and builds a re-encrypted ciphertext for each attribute group, as follows:
D-b: The CSP encrypts the re-encryption key with the negotiated session key and generates a message header Head corresponding to the ciphertext:
E. Data decryption Decrypt($C_k$, A, SK, $K_m$): The logistics data visitor first obtains the ciphertext from the cloud server and then performs this operation.
Specifically, step E further comprises:
E-a: The LDV obtains the ciphertext and its corresponding message header Head from the CSP, and decrypts with the session key to obtain the re-encryption key, i.e.:
E-b: Define the recursive decryption algorithm DecryptNode($C_k$, SK, $x$). For a leaf node in the access policy, define $i = att(x)$; for a non-leaf node $x$, define $i = index(z)$, $S'_x = \{index(z) : z \in S_x\}$. The decryption is as follows:
where $z$ denotes a child node of node $x$.
E-c: The re-encrypted ciphertext is decrypted first, and then the symmetric key $K_m$ obtained in step E-b is used to decrypt and obtain the plaintext, as follows:
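The threshold-polynomial construction of steps C-a and C-b and the recursive recovery of step E-b, as an added example that is not part of the patent text. It covers the secret-sharing layer only: shares are held directly in $Z_p$ instead of in group elements combined by pairings, and the prime `P`, the attribute names, the sample policy and the choice of the shared secret as the root polynomial's constant term (as in standard ciphertext-policy attribute-based encryption) are assumptions made for illustration.

```python
import secrets

# Assumption: a constructed prime (2**127 - 1) stands in for the group order p.
P = 2**127 - 1


class Node:
    """Access-tree node: a leaf carries an attribute, a gate a threshold k_x."""

    def __init__(self, attribute=None, threshold=1, children=()):
        self.attribute = attribute
        self.threshold = threshold
        self.children = list(children)
        self.share = None  # q_x(0), assigned by share_secret()


def leaf(attribute):
    return Node(attribute=attribute)


def gate(threshold, *children):
    if not 1 <= threshold <= len(children):
        raise ValueError("need 1 <= k_x <= number of children")
    return Node(threshold=threshold, children=children)


def eval_poly(coeffs, x):
    """Horner evaluation mod P; coeffs[0] is the constant term q_x(0)."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % P
    return result


def share_secret(node, value):
    """Steps C-a/C-b: q_x has degree k_x - 1 with q_x(0) = value, and each
    child z is given q_z(0) = q_x(index(z)), with index(z) = 1..n."""
    node.share = value % P
    if not node.children:
        return
    coeffs = [node.share] + [secrets.randbelow(P) for _ in range(node.threshold - 1)]
    for index, child in enumerate(node.children, start=1):
        share_secret(child, eval_poly(coeffs, index))


def lagrange_at_zero(i, indices):
    """Lagrange coefficient for point i over the index set S'_x, evaluated at 0."""
    num, den = 1, 1
    for j in indices:
        if j != i:
            num = (num * -j) % P
            den = (den * (i - j)) % P
    return (num * pow(den, -1, P)) % P


def decrypt_node(node, attributes):
    """Step E-b in the clear: return q_x(0), or None if node x is not satisfied.

    A leaf releases its share only for a held attribute; in the real scheme
    that gate is the matching private-key component, not a set lookup."""
    if not node.children:
        return node.share if node.attribute in attributes else None
    recovered = {}
    for index, child in enumerate(node.children, start=1):
        value = decrypt_node(child, attributes)
        if value is not None:
            recovered[index] = value
        if len(recovered) == node.threshold:
            break
    if len(recovered) < node.threshold:
        return None
    indices = list(recovered)
    return sum(recovered[i] * lagrange_at_zero(i, indices) for i in indices) % P


def build_sample_policy():
    """Constructed policy: carrier AND 2-of-3 (dispatch, customs, audit)."""
    departments = gate(2, leaf("dept:dispatch"), leaf("dept:customs"), leaf("dept:audit"))
    return gate(2, leaf("role:carrier"), departments)


if __name__ == "__main__":
    tree = build_sample_policy()
    secret = secrets.randbelow(P)
    share_secret(tree, secret)
    granted = decrypt_node(tree, {"role:carrier", "dept:dispatch", "dept:audit"})
    denied = decrypt_node(tree, {"role:carrier", "dept:customs"})
    print("satisfying set recovers secret:", granted == secret)
    print("non-satisfying set result:", denied)
```

An attribute set that meets fewer than $k_x$ children at any gate on the path to the root gets `None` back, which corresponds to the visitor being unable to recover $K_m$.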

Claims (7)

1. A logistics big data access control system based on attribute-based encryption, characterized in that it includes four entities: a trusted authorization center, a logistics data owner, a logistics data visitor and a cloud server, the four entities being connected via the Internet, specifically:
A. Trusted authorization center (Trusted Authorization Center, TAC): used to generate the system's public parameters PK and master key MK, and to take part in negotiating the session key between the cloud server and the user;
B. Logistics data owner (Logistics Data Owner, LDO): represents the user who holds the plaintext logistics information to be shared; in this access control method, the logistics data owner does not apply ciphertext-policy attribute-based encryption directly to the plaintext, but selects a symmetric key and symmetrically encrypts the data, and then encrypts the symmetric key under an access policy that it defines itself;
C. Logistics data visitor (Logistics Data Visitors, LDV): the logistics data visitor can read the encrypted data on the cloud storage server, and then submits its own attribute set to the TAC to obtain the private key for decrypting the symmetric key ciphertext; if the visitor's attributes satisfy the access policy defined by the logistics data owner, decrypting with the private key distributed by the TAC yields the symmetric encryption key, and hence the plaintext; otherwise the plaintext cannot be obtained;
D. Cloud server (Cloud Storage Provider, CSP): the cloud server provides two kinds of service, logistics data storage and logistics data management; the cloud server is considered suspicious but honest, and honestly performs every task as specified.
2. A method for the system according to claim 1, characterized in that it comprises the following steps:
A. Initialization: perform Setup($1^k$); this part is completed by the TAC, which generates the public parameters PK and the master key MK;
B. Key generation: perform KeyGen(MK, A, u); this algorithm is completed by the TAC and generates the decryption private key of the logistics data visitor and the session key with which the CSP communicates securely with the user, where MK is the system master key, A denotes the user's attribute set and u denotes an ordinary system user;
C. Data encryption: perform Encrypt(PK, $K_m$, T, M); this algorithm is performed by the data sharer, with the public parameters PK, the plaintext M, the symmetric encryption key $K_m$ and the user-defined access policy as input; in the process it generates the symmetric ciphertext $C_m$ of plaintext M and the symmetric key ciphertext $C_k$ encrypted under the ciphertext access policy, and finally generates the ciphertext C;
D. Data re-encryption: perform ReEncrypt($C_m$, $C_k$, G); this algorithm is performed by the CSP; when the attribute set of the logistics data owner changes, the CSP needs to perform a re-encryption operation on $C_k$, where G denotes the attributes of the user group;
E. Data decryption: perform Decrypt($C_k$, A, SK, $K_m$); the logistics data visitor performs this operation after obtaining the ciphertext from the cloud server.
3. The method according to claim 2, characterized in that step A further comprises:
A-a: Select a multiplicative cyclic group $G_0$ whose order is a prime $p$, where $g$ is a generator of $G_0$, and define the public map $H: \{0,1\}^* \rightarrow G_0$;
A-b: Construct the bilinear map $e: G_0 \times G_0 \rightarrow G_T$;
A-c: Select random numbers $\alpha, \beta \in Z_p$ and compute the system public parameters PK and the system master key MK, where $Z_p$ denotes the integers modulo $p$; the construction is as follows:
$$PK = \{G_0,\ g,\ h = g^{\beta},\ e(g,g)^{\alpha}\}, \qquad MK = \{\beta,\ g^{\alpha}\}.$$
4. The method according to claim 2, characterized in that step B further comprises:
B-a: Generation of the user's decryption private key SK; the TAC runs the algorithm KeyGen(MK, A, u) to generate the decryption private key SK of the logistics data visitor; the trusted authorization center selects $r \in Z_p$ and, for each attribute $i \in A$ in the attribute set, a random number $r_i \in Z_p$, and outputs SK with these as input parameters, as follows:
B-b: Generation of the session key; to ensure secure communication between user $u_i$ and the CSP, a session key is negotiated using a public-key cryptosystem and a key agreement protocol.
5. The method according to claim 2, characterized in that step C further comprises:
C-a: The user defines the tree access structure T of the ciphertext policy; the algorithm must define a polynomial $q_x$ for each node of the access tree; starting from the root node root, the polynomial of each node is generated randomly in a top-down manner; if the threshold value of node $x$ in the access tree is $k_x$, the degree $d_x$ of that node's polynomial is set to $k_x - 1$;
C-b: The data owner sets and randomly chooses $d_{root}$ points to complete the definition of the polynomial $q_{root}$; for every node $x$ other than the root node, it sets $q_x(0) = q_{parent(x)}(index(x))$; the other $d_x$ points of the polynomial are likewise chosen at random;
C-c: The LDO symmetrically encrypts the logistics data it wants to upload: it first selects a symmetric encryption key $K_m$ and encrypts the data, as follows:
C-d: $K_m$ is taken as the object of attribute-based encryption and $C_k$ is computed, as follows:
where $att(y)$ denotes the attribute element corresponding to leaf node $y$;
C-e: $C_k$ and $C_m$ are uploaded to the cloud server.
6. The method according to claim 2, characterized in that step D further comprises:
D-a: The CSP randomly selects a re-encryption key for each attribute group $G_i$ and builds a re-encrypted ciphertext for each attribute group, as follows:
D-b: The CSP encrypts the re-encryption key with the negotiated session key and generates a message header Head corresponding to the ciphertext:
7. The method according to claim 2, characterized in that step E further comprises:
E-a: The LDV obtains the ciphertext and its corresponding message header Head from the CSP, and decrypts with the session key to obtain the re-encryption key, i.e.:
E-b: Define the recursive decryption algorithm DecryptNode($C_k$, SK, $x$); for a leaf node in the access policy, define $i = att(x)$; for a non-leaf node $x$, define $i = index(z)$, $S'_x = \{index(z) : z \in S_x\}$; the decryption is as follows:
where $z$ denotes a child node of node $x$;
E-c: The re-encrypted ciphertext is decrypted first, and then the symmetric key $K_m$ obtained in step E-b is used to decrypt and obtain the plaintext, as follows:

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810033267.9A CN108200074A (en) 2018-01-14 2018-01-14 A kind of logistics big data access control system and method based on encryption attribute

Publications (1)

Publication Number Publication Date
CN108200074A true CN108200074A (en) 2018-06-22

Family

ID=62589103

Country Status (1)

Country Link
CN (1) CN108200074A (en)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180622

WD01 Invention patent application deemed withdrawn after publication