CN110022309A - Safe and efficient data sharing method in a kind of mobile cloud computing system - Google Patents

Safe and efficient data sharing method in a kind of mobile cloud computing system Download PDF

Info

Publication number
CN110022309A
CN110022309A CN201910186772.1A CN201910186772A CN110022309A CN 110022309 A CN110022309 A CN 110022309A CN 201910186772 A CN201910186772 A CN 201910186772A CN 110022309 A CN110022309 A CN 110022309A
Authority
CN
China
Prior art keywords
cloud
user
calculation server
shared information
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910186772.1A
Other languages
Chinese (zh)
Other versions
CN110022309B (en
Inventor
鲁秀青
潘振宽
程相国
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Center Information Technology Ltd By Share Ltd
Original Assignee
Qingdao University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qingdao University filed Critical Qingdao University
Priority to CN201910186772.1A priority Critical patent/CN110022309B/en
Publication of CN110022309A publication Critical patent/CN110022309A/en
Application granted granted Critical
Publication of CN110022309B publication Critical patent/CN110022309B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides safe and efficient data sharing method in a kind of mobile cloud computing system, the first step, system initialization, trust center generation common parameter, master key and other entity keys;Second step, the encryption of shared information, data owner and cloud calculation server are jointly encrypted shared information;Key is generated for user in third step, the generation of user key, trust center;4th step, the integrity verification of shared information, cloud calculation server calculate the integrality of shared information;5th step, the decryption of shared information, if shared information is that completely, user downloads ciphertext from cloud storage service device and is decrypted.The operation efficiency and communication efficiency of mobile cloud computing data-sharing systems can be improved in this method, while ensureing the safety in data sharing process and privacy.

Description

Safe and efficient data sharing method in a kind of mobile cloud computing system
Technical field
The invention belongs to cloud storage security technology area, it is total to be related to safe and efficient data in a kind of mobile cloud computing system Enjoy method.
Background technique
Wireless technology and Internet of Things universal so that the data sharing in mobile cloud computing system is fast-developing, sensor and The node that the mobile devices such as mobile phone can be used as shared information acquisition and light weight is handled, and the storage of shared information and intensive fortune Calculation is realized by Cloud Server.For example in mobile cloud electron medical treatment computing system, patient can pass through wireless mobile sensing equipment And personal electron medical treatment information is uploaded to cloud and shared by intelligent terminal, for Medical Technologist etc. carry out medical diagnosis on disease or For researcher carry out deeper into excavation, thus the distribution and prevention of study of disease.Information uploads to cloud and share not Local memory space is only saved, the operation efficiency of data is improved, and greatly reduces personal and enterprise and is purchased in software It buys and the investment on hardware maintenance.But data storage, which beyond the clouds loses user, directly controls data, it cannot be complete Guarantee the privacy and data safety of user.Therefore, the data sharing method of the cloud computing system of design and implementation safety extremely closes It is important.
In existing data sharing method, need to carry out a large amount of encryptions and decryption operation at data owner end.But In mobile cloud computing system, the resources such as the storage of mobile device and computing capability are extremely limited, intensive encryption and decryption operation It is a heavy burden for mobile device.Therefore it not only can guarantee the safety of shared big data, but also be able to achieve mobile terminal Lightweight operation be problem in the urgent need to address.The present invention realizes safe and efficient shared in a kind of mobile cloud computing system The method of big data, not only can ensure that the integrality of fine-granularity access control and shared data based on attribute, and ensure that The lightweight operation of mobile terminal improves the operation efficiency and communication efficiency of whole system.
Summary of the invention
In order to realize the lightweight operation of mobile terminal, operation efficiency and the communication of mobile cloud computing data-sharing systems are improved Efficiency, while ensureing the safety in data sharing process and privacy, the present invention proposes a kind of suitable for mobile cloud computing system The safely and efficiently data-sharing systems and method, this method of system can not only safely be realized based on attribute during realization Fine-granularity access control and integrity verification based on algebra signature, and ensure that the lightweight operation of mobile terminal, move Dynamic terminal only operates shared data on a small quantity, and most of operation is realized by cloud calculation server, it is ensured that mobile cloud computing The safety and high efficiency of data sharing in system.
The present invention proposes safe and efficient data sharing method in a kind of mobile cloud computing system comprising:
The first step, system initialization, trust center generate common parameter, master key and other entity keys;
Second step, the encryption of shared information, data owner and cloud calculation server jointly carry out at encryption shared information Reason;
Key is generated for user in third step, the generation of user key, trust center;
4th step, the integrity verification of shared information, cloud calculation server calculate the integrality of shared information;
5th step, the decryption of shared information, if cloud calculation server verifying shared information is completely that user deposits from cloud Storage server downloading ciphertext is simultaneously decrypted.
Wherein, the first step is further specifically by trust center using security parameter and attribute space as input, Export the private key of common parameter, master key and data owner, cloud storage service device and cloud calculation server.
Wherein, the second step is further specially the communication and computation burden in order to reduce mobile terminal, and data owner is only Lightweight operation is carried out, is encrypted and defined access control structure including the plaintext to shared data, and ciphertext block, utilization The operation such as algebra signature calculation block label is realized by cloud calculation server.
Wherein, the third step is further specially that each user for accessing shared information can be close to trust center sending Key generates request, and corresponding user identifier, public key and solution can be generated for user according to the attribute and master key of user in trust center Key.
Wherein, the 4th step is further specially that user Xiang Yun calculation server sends integrality verification request, Yun Yun After calculation server receives checking request, whether the identity for verifying user is legal, if identity is illegal, returns to ⊥, otherwise, cloud Calculation server randomly chooses c data block and corresponding random number, and sends integrality challenge to cloud storage service device.Yun Cun After storage server receives challenge, calculating data proves to prove with label, and will demonstrate that and be sent to cloud calculation server.Finally Cloud calculation server carries out integrality to shared information according to the information for proving and being locally stored and verifies, and by verification result User is returned to, which is completed by cloud calculation server and the interaction of cloud storage service device.
Beneficial technical effect
The present invention realizes the lightweight operation of mobile terminal, and the operation effect of mobile cloud computing data-sharing systems can be improved Rate and communication efficiency, while ensureing the safety in data sharing process and privacy.
Detailed description of the invention
Fig. 1 is system model figure of the invention;
Fig. 2 is data-sharing systems flow chart of the invention.
Specific embodiment
The present invention proposes safe and efficient data sharing method in a kind of mobile cloud computing system comprising:
The first step, system initialization export public ginseng by trust center using security parameter and attribute space as input The private key of number, master key and data owner, cloud storage service device and cloud calculation server;
Second step, the encryption of shared information, the step are realized jointly by data owner and cloud calculation server, are moved to reduce The communication and computation burden of moved end, data owner only carry out lightweight operation, are encrypted simultaneously including the plaintext to shared data It defines access control structure, and ciphertext block, is operated using algebra signature calculation block label etc. and realized by cloud calculation server;
Third step, the generation of user key, it is raw that the user of each access shared information can issue key to trust center At request, it is close that corresponding user identifier, public key and decryption can be generated for user in trust center according to the attribute and master key of user Key;
4th step, the integrity verification of shared information, the step are completed by cloud calculation server and the interaction of cloud storage service device, User's Xiang Yun calculation server sends integrality verification request and verifies user's after cloud calculation server receives checking request Whether identity legal, if identity is illegal, return ⊥, otherwise, cloud calculation server randomly choose c data block and accordingly Random number, and integrality challenge is sent to cloud storage service device.After cloud storage service device receives challenge, calculate data prove and Label proves, and will demonstrate that and be sent to cloud calculation server.Last cloud calculation server is according to the letter for proving and being locally stored Breath carries out integrality to shared information and verifies, and verification result is returned to user;
5th step, the decryption of shared information, if cloud calculation server verifying shared information is completely that user deposits from cloud Storage server downloading ciphertext is simultaneously decrypted.
Trust center is served as by believable third party, is responsible for being that system generates master key, common parameter by security parameter, It is responsible for the generation, update and revocation of other entity keys simultaneously.
Data owner be responsible for generate and acquire shared information, specially have sensor device, wireless network and mobile phone, The intelligent terminals such as pad, data owner are responsible for defining access structure and carry out lightweight operation to shared information.
Only tested in the integrality that the user that trust center registered could entrust cloud calculation server to carry out shared information Card, and download shared information from cloud storage service device and decrypt use.
Cloud storage service device is responsible for providing safe and reliable, large capacity storage environment to be tested with storing shared data and integrality Demonstrate,prove label.
Prevent mobile client from consuming excessive calculating and the communication resource, cloud calculation server is mainly responsible in carry out system Complex calculation, including by the encrypted ciphertext block of data owner, utilize algebra signature calculation block.
The first step is further specially to export public ginseng using security parameter para and attribute space U as input The private key k of number PK, master key MK and data owner, cloud storage service device and cloud calculation server1、k2And k3
Trust center completes following steps:
1-a step, selects the cyclic group G with identical Prime Orders q1And G2, and g is G1Generation member;Random number α is chosen, β∈Zq, f1, f2..., fU∈G1, and calculate σ=gβAnd θ=e (g, g)α;Select the cryptographic Hash function h of safety: With bilinear map e:G1×G1→G2, define the exclusive or homorphic function d with key:With algebra signature sigγ, Wherein γ is the primitive element in Galois Field;Random selectionRespectively as data owner, cloud calculation server and The private key union of cloud storage service device
1-b step, trust center is by common parameter PK=(e, g, θ, σ, f1, f2..., fU, h, d) publication, by MK=(α, It β) is used as master key, and by k1It securely transmits and gives data owner, k2Cloud calculation server, k are sent to k3Send cloud storage clothes to Business device.
Specific step is as follows in the second step:
2-a step, in order to make user's ability accessing shared data with access authority, data owner passes through PK and access Structure A encrypts shared information, and owner defines access control structure A=(M, ρ) first, and wherein M is the matrix of l row n column, ρ: [1, l] → [1, U] is the function that each row of matrix M is mapped to attribute, then randomly chooses s ∈ ZqAnd column vectorAnd it calculatesIf shared information is F, length r1, data owner calculating ciphertext C= F·θs, C '=gs, finally C and C ' is sent to cloud storage service device, by info=(C, A, λi) send cloud calculation server to;
2-b step, cloud calculation server randomly choose ri∈Zq, i ∈ [1, l], and calculate
2-c step, in order to verify the integrality of shared information, cloud calculation server need by the ciphertext C of shared information into Row piecemeal simultaneously passes through algebra signature calculation block label, and ciphertext C is divided into N number of data block m by cloud calculation server firsti∈Zq, and with Machine selects Ri, i ∈ [1, N], calculating bi=h (i),AndWherein i is block number, and then cloud is transported Server is calculated by tiIt is sent to data owner, data owner calculatesAnd by v 'iCloud calculation server is returned to, finally Cloud calculation server calculation block label Ti=sigγ(vi||bi);
2-d step, cloud calculation server is by pf1=(mi, Ti, i ∈ [1, N]) and pf2=(Ci, Di, i ∈ [1, l]) and it sends To cloud storage service device.
The third step is further specially that the user of each access shared information can issue key life to trust center At request requestKeyGen(S).Corresponding key can be generated for user according to the attribute S and master key MK of user in trust center SK.The specific implementation process is as follows:
User's collection is combined into U, generates request request when the user u ∈ U that attribute is S sends key to trust centerKeyGen(S) When, trust center random selectionAs the identity of user, and calculate Upk=gUidAs the public key of relative users, Meanwhile trust center randomly chooses t ∈ Zq, calculate the key of user uAnd By (Uid, SK, gt, Ut=Uidt) and secret is sent to user.
4th step, user request cloud calculation server to test shared information progress integrality before downloading shared information Card.Integrity verifying step is specific as follows:
4-a step, user's Xiang Yun calculation server send integrality verification request requestInteVer(Upk, S, gt, Ut);
4-b step, cloud calculation server pass through formula e (Upk, gt)=e (g, g)UtWhether the identity for verifying user is legal. If identity is legal, cloud calculation server randomly chooses c data block and corresponding random numberAnd to cloud storage service Device sends integrality and challenges ch=(i, li), i ∈ [1, c];
4-c step, after cloud storage service device receives challenge ch, calculating data is provedIt is demonstrate,proved with label It is brightAnd by proof=(μi, η) and it is sent to cloud calculation server;
4-d step, receives after proving proof, and cloud calculation server calculates And verify equationIt is whether true.If equation is set up, indicate shared information F be it is complete, it is no Then return to ⊥.
5th step enjoys the decryption of information, if privacy information is that completely, user downloads ciphertext from cloud storage service device and solves It is close, specifically:
5-a step, definitionS is the attribute of user.If { ωi∈Zq, i ∈ I is constant, If effective share λ of siIn the presence of then equation ∑i∈Iωiλi=s is set up, and cloud calculation server first verifies equation ∑i∈IωiMi= (1,0 ..., 0) whether true, if equation is invalid, returns to ⊥ and otherwise ciphertext is decrypted into next step;
5-b step, user calculateAnd calculate F =C/CK ' obtains the corresponding plaintext of shared information.
Below using embodiment and attached drawing come the embodiment that the present invention will be described in detail, how skill is applied to the present invention whereby Art means solve technical problem, and the realization process for reaching technical effect can fully understand and implement.
As depicted in figs. 1 and 2, specific steps of the invention are implemented as follows:
The first step, system initialization, the step are run by trust center.Using security parameter para and attribute space U as The private key k of input, output common parameter PK, master key MK and data owner, cloud storage service device and cloud calculation server1、k2 And k3
(1) trust center executes following operation: selecting the cyclic group G with identical Prime Orders q1And G2, and g is G1Life Cheng Yuan;Choose random number α, β ∈ Zq, f1, f2..., fU∈G1, and calculate σ=gβAnd θ=e (g, g)α;Select the password of safety Hash function h:With bilinear map e:G1×G1→G2, define the exclusive or homorphic function d with key:With algebra signature sigγ, wherein γ is the primitive element in Galois Field;Random selectionRespectively Private key union as data owner, cloud calculation server and cloud storage service device
(2) trust center is by common parameter PK=(e, g, θ, σ, f1, f2..., fU, h, d) and publication, MK=(α, β) is made For master key, and by k1It securely transmits and gives data owner, k2Cloud calculation server, k are sent to k3Send cloud storage service to Device.
Second step, the encryption of shared information, in order to reduce the communications burden and computation burden of mobile terminal, data owner only into Row lightweight operation.By ciphertext block, is operated according to algebra signature calculation block label etc. and realized by cloud calculation server.
(1) in order to make user's ability accessing shared data with access authority, data owner passes through PK and access structure A Shared information is encrypted, owner defines access control structure A=(M, ρ) first, wherein matrix of the M for l row n column, ρ: [1, L] → [1, U] be the function that each row of matrix M is mapped to attribute, then randomly choose s ∈ ZqAnd column vectorAnd it calculatesIf shared information is F, length r1, data owner calculating ciphertext C= F·θs, C '=gs, finally C and C ' is sent to cloud storage service device, by info=(C, A, λi) send cloud calculation server to.
(2) cloud calculation server randomly chooses ri∈Zq, i ∈ [1, l], and calculate
(3) in order to verify the integrality of shared information, cloud calculation server needs the ciphertext C of shared information carrying out piecemeal And by algebra signature calculation block label, ciphertext C is divided into N number of data block m by cloud calculation server firsti∈Zq, and randomly choose Ri, i ∈ [1, N], calculating bi=h (i),AndWherein i is block number, then cloud computational service Device is by tiIt is sent to data owner, data owner calculatesAnd by v 'iReturn to cloud calculation server, last cloud operation Server calculation block label Ti=sigγ(vi||bi)。
(4) cloud calculation server is by pf1=(mi, Ti, i ∈ [1, N]) and pf2=(Ci, Di, i ∈ [1, l]) and it is sent to cloud and deposits Store up server.
Third step, the user of each access shared information can issue key to trust center and generate request requestKeyGen(S).Corresponding key SK can be generated for user according to the attribute S and master key MK of user in trust center.Specifically Realization process is as follows:
User's collection is combined into U, generates request request when the user u ∈ U that attribute is S sends key to trust centerKeyGen(S) When, trust center random selectionAs the identity of user, and calculate Upk=gUidAs the public key of relative users, Meanwhile trust center randomly chooses t ∈ Zq, calculate the key of user uAnd By (Uid, SK, gt, Ut=Uidt) and secret is sent to user.
4th step, user request cloud calculation server to carry out integrity verification to shared information before downloading shared information. Integrity verifying step is specific as follows:
(1) user Xiang Yun calculation server sends integrality verification request requestInteVer(Upk, S, gt, Ut);
(2) cloud calculation server passes through formula e (Upk, gt)=e (g, g)UtWhether the identity for verifying user is legal.If Identity is legal, and cloud calculation server randomly chooses c data block and corresponding random numberAnd it is sent out to cloud storage service device Integrality is sent to challenge ch=(i, li), i ∈ [1, c];
(3) after cloud storage service device receives challenge ch, calculating data is provedIt is proved with labelAnd by proof=(μi, η) and it is sent to cloud calculation server;
(4) it receives after proving proof, cloud calculation server calculatesAnd Verify equationIt is whether true.If equation is set up, indicate completely, otherwise shared information F is In return.
5th step enjoys the decryption of information, if privacy information is that completely, user downloads ciphertext from cloud storage service device and solves It is close, specifically:
(1) it definesS is the attribute of user.If { ωi∈Zq, i ∈ I is constant, if s Effective share λiIn the presence of then equation ∑i∈Iωiλi=s is set up, and cloud calculation server first verifies equation ∑i∈IωiMi=(1, 0 ..., 0) whether true, if equation is invalid, returns to ⊥ and otherwise ciphertext is decrypted into next step;
(2) user calculatesAnd calculate F=C/ CK ' obtains the corresponding plaintext of shared information.
All above-mentioned this intellectual properties of primarily implementation, there is no this new products of implementation of setting limitation other forms And/or new method.Those skilled in the art will utilize this important information, above content modification, to realize similar execution feelings Condition.But all modifications or transformation belong to the right of reservation based on new product of the present invention.
The above described is only a preferred embodiment of the present invention, being not that the invention has other forms of limitations, appoint What those skilled in the art changed or be modified as possibly also with the technology contents of the disclosure above equivalent variations etc. Imitate embodiment.But without departing from the technical solutions of the present invention, according to the technical essence of the invention to above embodiments institute Any simple modification, equivalent variations and the remodeling made, still fall within the protection scope of technical solution of the present invention.

Claims (5)

1. safe and efficient data sharing method in a kind of mobile cloud computing system characterized by comprising
The first step, system initialization, trust center generate common parameter, master key and other entity keys;
Second step, the encryption of shared information, data owner and cloud calculation server are jointly encrypted shared information;
Key is generated for user in third step, the generation of user key, trust center;
4th step, the integrity verification of shared information, cloud calculation server calculate the integrality of shared information;
5th step, the decryption of shared information, if cloud calculation server verifying shared information is that completely, user takes from cloud storage Business device downloading ciphertext is simultaneously decrypted.
2. safe and efficient data sharing method in mobile cloud computing system as described in claim 1, it is characterised in that: described For the first step further specifically by trust center using security parameter and attribute space as input, output common parameter, master are close Key and the private key of data owner, cloud storage service device and cloud calculation server.
3. safe and efficient data sharing method in mobile cloud computing system as claimed in claim 1 or 2, it is characterised in that: The second step is further specially the communication and computation burden in order to reduce mobile terminal, and data owner only carries out lightweight fortune It calculates, is encrypted and defined access control structure including the plaintext to shared data, and ciphertext block, utilize algebra signature calculation The operation such as block label is realized wherein by cloud calculation server.
4. safe and efficient data sharing method in mobile cloud computing system as described in claims 1 to 3, it is characterised in that: The third step is further specially that the user of each access shared information can issue key generation request, letter to trust center Appoint center corresponding user identifier, public key and decruption key can be generated for user according to the attribute and master key of user.
5. safe and efficient data sharing method in the mobile cloud computing system as described in Claims 1-4, it is characterised in that: 4th step is further specially that user Xiang Yun calculation server sends integrality verification request, and cloud calculation server receives After checking request, whether the identity for verifying user is legal, if identity is illegal, returns to ⊥, otherwise, cloud calculation server is random C data block and corresponding random number are selected, and sends integrality challenge to cloud storage service device.Cloud storage service device receives After challenge, calculating data proves to prove with label, and will demonstrate that and be sent to cloud calculation server.Last cloud calculation server root It is demonstrated that and the information that is locally stored integrality is carried out to shared information and is verified, and verification result is returned into user, should Step is completed by cloud calculation server and the interaction of cloud storage service device.
CN201910186772.1A 2019-03-12 2019-03-12 Safe and efficient data sharing method in mobile cloud computing system Active CN110022309B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910186772.1A CN110022309B (en) 2019-03-12 2019-03-12 Safe and efficient data sharing method in mobile cloud computing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910186772.1A CN110022309B (en) 2019-03-12 2019-03-12 Safe and efficient data sharing method in mobile cloud computing system

Publications (2)

Publication Number Publication Date
CN110022309A true CN110022309A (en) 2019-07-16
CN110022309B CN110022309B (en) 2022-03-15

Family

ID=67189536

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910186772.1A Active CN110022309B (en) 2019-03-12 2019-03-12 Safe and efficient data sharing method in mobile cloud computing system

Country Status (1)

Country Link
CN (1) CN110022309B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111107094A (en) * 2019-12-25 2020-05-05 青岛大学 Lightweight ground-oriented medical Internet of things big data sharing system
CN111586036A (en) * 2020-05-06 2020-08-25 陕西师范大学 Decentralized multi-cloud self-auditing method and system
CN112187798A (en) * 2020-09-28 2021-01-05 安徽大学 Bidirectional access control method and system applied to cloud-side data sharing
WO2021026763A1 (en) * 2019-08-13 2021-02-18 Nokia Shanghai Bell Co., Ltd. Data security for network slice management
CN113312327A (en) * 2021-05-24 2021-08-27 何细妹 Cloud storage file sharing system suitable for mobile terminal
EP4332811A1 (en) * 2022-09-05 2024-03-06 Bull Sas Method, computer program and system for collecting confidential data from several data providers, for joint analysis of said data

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150113290A1 (en) * 2009-11-16 2015-04-23 Rahul V. Auradkar Containerless data for trustworthy computing and data services
CN104993937A (en) * 2015-07-07 2015-10-21 电子科技大学 Method for testing integrity of cloud storage data
CN105515778A (en) * 2015-12-25 2016-04-20 河南城建学院 Cloud storage data integrity service signature method
CN105787390A (en) * 2016-03-02 2016-07-20 深圳大学 Data integrity verification method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150113290A1 (en) * 2009-11-16 2015-04-23 Rahul V. Auradkar Containerless data for trustworthy computing and data services
CN104993937A (en) * 2015-07-07 2015-10-21 电子科技大学 Method for testing integrity of cloud storage data
CN105515778A (en) * 2015-12-25 2016-04-20 河南城建学院 Cloud storage data integrity service signature method
CN105787390A (en) * 2016-03-02 2016-07-20 深圳大学 Data integrity verification method and system

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
KAI HE等: "Identity-Preserving Public Auditing for Shared", 《2015 IEEE 23RD INTERNATIONAL SYMPOSIUM ON QUALITY OF SERVICE》 *
卢珂: "云存储中数据完整性验证技术研究", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 *
姜红等: "改进的保护身份的云共享数据完整性公开审计方案", 《信息网络安全》 *
王谦等: "一种面向移动云存储的可验证访问控制方案", 《计算机工程》 *
第10卷: "Hui Tian等", 《IEEE TRANSACTIONS ON SERVICES COMPUTING》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021026763A1 (en) * 2019-08-13 2021-02-18 Nokia Shanghai Bell Co., Ltd. Data security for network slice management
CN114223233A (en) * 2019-08-13 2022-03-22 上海诺基亚贝尔股份有限公司 Data security for network slice management
CN111107094A (en) * 2019-12-25 2020-05-05 青岛大学 Lightweight ground-oriented medical Internet of things big data sharing system
CN111107094B (en) * 2019-12-25 2022-05-20 青岛大学 Lightweight ground-oriented medical Internet of things big data sharing system
CN111586036A (en) * 2020-05-06 2020-08-25 陕西师范大学 Decentralized multi-cloud self-auditing method and system
CN111586036B (en) * 2020-05-06 2022-11-29 北京城建智控科技股份有限公司 Decentralized multi-cloud self-auditing method and system
CN112187798A (en) * 2020-09-28 2021-01-05 安徽大学 Bidirectional access control method and system applied to cloud-side data sharing
CN113312327A (en) * 2021-05-24 2021-08-27 何细妹 Cloud storage file sharing system suitable for mobile terminal
EP4332811A1 (en) * 2022-09-05 2024-03-06 Bull Sas Method, computer program and system for collecting confidential data from several data providers, for joint analysis of said data

Also Published As

Publication number Publication date
CN110022309B (en) 2022-03-15

Similar Documents

Publication Publication Date Title
CN110022309A (en) Safe and efficient data sharing method in a kind of mobile cloud computing system
Guo et al. Blockchain meets edge computing: A distributed and trusted authentication system
CN108881314B (en) Privacy protection method and system based on CP-ABE ciphertext under fog computing environment
CN105871538B (en) Quantum key distribution system, quantum key delivering method and device
CN104468615B (en) file access and modification authority control method based on data sharing
CN104811450B (en) The date storage method and integrity verification method of a kind of identity-based in cloud computing
CN110011795B (en) Symmetric group key negotiation method based on block chain
CN103780607B (en) The method of the data de-duplication based on different rights
CN111986755A (en) Data sharing system based on block chain and attribute-based encryption
CN110912897B (en) Book resource access control method based on ciphertext attribute authentication and threshold function
CN108173882A (en) Edge calculations node identities authentication method based on aes algorithm
TW201904232A (en) Method and system for establishing trusted point-to-point communication between blockchain network nodes
CN107483585A (en) The efficient data integrality auditing system and method for safe duplicate removal are supported in cloud environment
CN109314705A (en) Use the systems, devices and methods for extensive scalable Dynamic Multipoint Virtual private network of group encryption keys
CN112383550B (en) Dynamic authority access control method based on privacy protection
CN106656997B (en) One kind being based on the cross-domain friend-making method for secret protection of mobile social networking proxy re-encryption
CN106487506A (en) A kind of many mechanisms KP ABE method supporting pre-encrypt and outsourcing deciphering
CN106789042A (en) User in IBC domains accesses the authentication key agreement method of the resource in PKI domains
CN108600174A (en) A kind of access control mechanisms and its implementation of big merger network
CN115065679B (en) Electronic health record sharing model, method, system and medium based on blockchain
CN110933033A (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
Li et al. A Lightweight Fine‐Grained Searchable Encryption Scheme in Fog‐Based Healthcare IoT Networks
Zhao et al. A verifiable hidden policy CP‐ABE with decryption testing scheme and its application in VANET
CN106209774B (en) The cloud service outsourcing access right control method obscured based on undistinguishable
CN113111379A (en) Bidirectional anonymous authentication method supporting location privacy protection in intelligent medical treatment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 266071 Shandong city of Qingdao province Ningxia City Road No. 308

Applicant after: Qingdao University

Address before: 266071 Ningxia Road, Shandong, China, No. 308, No.

Applicant before: Qingdao University

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220920

Address after: 250014 No. 19, ASTRI Road, Lixia District, Shandong, Ji'nan

Patentee after: Shandong center information technology Limited by Share Ltd.

Address before: 266071 Shandong city of Qingdao province Ningxia City Road No. 308

Patentee before: QINGDAO University

TR01 Transfer of patent right