CN112257112B - Data access control method based on block chain - Google Patents

Data access control method based on block chain Download PDF

Info

Publication number
CN112257112B
CN112257112B CN202011278801.6A CN202011278801A CN112257112B CN 112257112 B CN112257112 B CN 112257112B CN 202011278801 A CN202011278801 A CN 202011278801A CN 112257112 B CN112257112 B CN 112257112B
Authority
CN
China
Prior art keywords
data
access control
attribute
sharing platform
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011278801.6A
Other languages
Chinese (zh)
Other versions
CN112257112A (en
Inventor
刘博�
王心妍
张鸿雁
郭建勋
秦龙
张静
陈鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Information and Telecommunication Branch of State Grid Henan Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN202011278801.6A priority Critical patent/CN112257112B/en
Publication of CN112257112A publication Critical patent/CN112257112A/en
Application granted granted Critical
Publication of CN112257112B publication Critical patent/CN112257112B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computational Linguistics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a data access control method based on a block chain, which effectively solves the problems that a data sharing intelligent contract needs to be established, a data user cannot obtain a data plaintext, and a data owner cannot manage own data in the prior art, and provides a credible data sharing platform between the data owner and the data user by using the block chain.

Description

Data access control method based on block chain
Technical Field
The invention relates to the field of data access control, in particular to a data access control method based on a block chain.
Background
In the field of data sharing, security of data transfer is very important. In a traditional data sharing mode, a data owner uploads data to a platform, and the data owner asks for the data from the platform. In this case, ownership of the data is transferred to the platform, and it is difficult to secure the rights of the owner of the data. In addition, data safety is completely controlled by a centralized platform, risks such as secret key leakage and data leakage exist, a single center cannot obtain multi-party trust at the same time, and the scope of data sharing is severely limited.
The block chain is used as a decentralized technology, and data sharing support can be realized in a centerless scene; as a distributed account book technology, the data stored by the distributed account book technology has the non-tampering characteristic due to the non-tampering characteristic, and traceability and credibility are provided for the data sharing process. Therefore, the functions of data transmission, authority management and the like are realized by building a platform through the block chain, and the method becomes a research hotspot.
Prior art 1: a patent of a block chain data sharing method and device with the patent number of CN 110224814A relates to a data sharing method, which comprises the following two steps: firstly, a data owner encrypts data by combining a data hash value and a user public key and then sends the encrypted data to an intelligent contract; secondly, the data requester decrypts the data by using a private key, but the method requires that both data sharing parties establish a data sharing intelligent contract on the basis of the block chain to realize data sharing;
prior art 2: the method provided by the patent of 'a block chain data sharing encryption and decryption method, equipment and storage medium' with the patent number of CN 111385301A is carried out by the following steps: the first step is as follows: a data owner generates a public key A1 and a private key A, encrypts a plaintext to obtain A1, and uploads the A1 to a block chain; the second step is that: the block chain generates a key C1 for the data owner; the third step: the data owner encrypts A by using the key C1 to obtain reA and uploads the A to the block chain; the fourth step: the intelligent contract encrypts the ciphertext a1 by utilizing reA to obtain a2; the fifth step: and the data user performs homomorphic operation by using a2, decrypts the result by using C1, and can obtain the calculation result without knowing the plaintext. The method realizes multi-party safe calculation, and a data requester cannot obtain data plaintext and cannot calculate complete data sharing;
prior art 3: a data security sharing method based on a block chain is disclosed in patent number CN 111444264A, and relates to a data sharing method, which comprises the following steps: firstly, a data owner desensitizes and cleans data and uploads the data to a data sharing platform; secondly, after encrypting the data, the platform obtains the hash of the data and writes the hash into a block chain; thirdly, the platform writes the data authority and the access rule into an intelligent contract to be deployed to a block chain; and fourthly, the data requester queries the data from the platform by using the authority of the data requester. The data encryption and the authority management of the method are completely owned by the platform, and the data owner can not manage the data of the owner.
The present invention therefore provides a new solution to this problem.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide a data access control method based on a block chain, which effectively solves the problems that a data sharing intelligent contract needs to be established, a data requester cannot obtain data plaintext, and a data owner cannot manage own data on the basis of the block chain in the prior art.
The technical scheme for solving the problem is that the control method for the data access based on the block chain comprises the following specific steps:
s1, a plurality of attribute management centers theta jointly establish a data sharing platform based on a block chain, and nodes of the data sharing platform initialize the data sharing platform, wherein the nodes of the data sharing platform comprise the attribute management centers theta;
s2, the data owner issues data through a data sharing platform;
and S3, the data user retrieves and inquires the required data through the data sharing platform, acquires the data and completes decryption.
Furthermore, the nodes are servers participating in maintaining and operating the block chains, the nodes are multiple, the data owner issues the data by using the block chains, the data user acquires the data through the block chains, and the attribute management center theta is a server for managing data authority control of the data owner.
Further, the step S1 needs to go through the following steps:
s11, each node of the block chain is negotiated to generate parameters including bilinear group G and element G,
H(user_id)→G
and making a hash function: f (access _ policy) → G, wherein the H function is used for mapping id user _ id of the user to the bilinear group G, the F function is used for mapping the access control policy access _ policy to the bilinear group G, and the node comprises an attribute management center;
s12, defining bilinear operation e (G, G) to map G × G → G for bilinear group G T
S13, parameters disclosed to the data sharing platform comprise G, e (G, G), G and id user _ id of a user;
s14, each attribute management center theta generates random numbers for itself as private keys (alpha) θ ,y θ ) Publishing public keys
Figure BDA0002780028580000031
To a data sharing platform;
and S15, completing initialization of the data sharing platform.
Further, the step S2 is performed by:
s21, encrypting the data by the data owner to obtain a ciphertext C = Me (g, g) z Where M is the encrypted data plaintext, z is the encryption key;
s22, a data owner generates an access control strategy p, wherein the access control strategy p is C@c AND B@b, the access _ policy which is abbreviated for convenience of expression represents that data can be accessed when a C attribute issued by an attribute management center C AND a B attribute issued by an attribute management center B exist at the same time, the access control strategy p in the platform is (A, delta AND rho), wherein A is an access control matrix corresponding to the access control strategy p, l rows AND n columns are total, delta refers to a mapping function delta (x) AND represents an attribute corresponding to an x-th row, AND rho refers to a mapping function rho (x) AND represents an attribute management center theta corresponding to the x-th row;
s23, generating an access control ciphertext CT according to the access control strategy p (A, delta, rho), firstly generating a random number T in the data encryption process, and constructing a vector v = (z, v) 2 ...,v n ) T And w = (0,w) 2 ...,w n ) T Let λ be x =<A x ,v>Wherein A is x To access the xth row of the control matrix A, a random number t is then generated for each row separately x The access control ciphertext CT calculation process is as follows:
Figure BDA0002780028580000033
Figure BDA0002780028580000034
Figure BDA0002780028580000035
Figure BDA0002780028580000036
CT={C 1,x ,C 2,x ,C 3,x ,C 4,x }
and S24, uploading the ciphertext C, the access control ciphertext CT and the access control strategy p to a data sharing platform.
Further, the step S3 is performed by:
s31, the data user requests the key K corresponding to the attribute u from each attribute management center theta, and for each attribute u, the corresponding attribute management center generates a random number t and generates keys K1 and K2
Figure BDA0002780028580000037
K2 uid,u =g t
Inquiring data from the data sharing platform, and acquiring an access control ciphertext CT, a ciphertext C and an access control strategy p of the required data, wherein uid is a user _ id which is abbreviated for convenience of expression;
s32, the access control strategy p is converted into a form of (A, delta, rho) again, and c is calculated x Make sigma x c x A x = (1,0.. 0), calculate for each row:
Figure BDA0002780028580000041
s33, obtaining data plaintext M = C 0 /e(g,g) z And decryption is completed.
Due to the adoption of the technical scheme, compared with the prior art, the invention has the following advantages:
(1) The data owner and the data user can provide a credible data sharing platform by using the block chain, the attribute management center theta issues a public parameter through the block chain, the data owner encrypts a data plaintext M based on a data attribute by using the public parameter to obtain a ciphertext C, the ciphertext C is transmitted to the block chain, and the data user requests a key K corresponding to an attribute u through each attribute management center theta of the block chain to obtain the data plaintext M, so that the problem that the data owner can not manage own data is solved;
(2) Aiming at the safety problem existing in the data sharing process, the invention designs a mechanism based on multi-main-body attribute encryption: the key K can only be unlocked by the user with the corresponding attribute, because the attribute comes from different key management centers, the keys generated by different users in different attributes cannot be combined, the plaintext is not subjected to any public transmission, the attribute keys are also combined locally by the data user, and the data plaintext is obtained through decryption, so that the risk of data leakage is avoided, the data sharing can be realized without establishing a data sharing intelligent contract in more steps, and the data safety in the data sharing process is ensured.
Drawings
Fig. 1 is a schematic diagram of a block chain-based data access control method according to the present invention.
Detailed Description
The foregoing and other technical and other features and advantages of the invention will be apparent from the following detailed description of the embodiments, which proceeds with reference to fig. 1. The structural contents mentioned in the following embodiments are all referred to the attached drawings of the specification.
Exemplary embodiments of the present invention will be described below with reference to the accompanying drawings.
A data access control method based on a block chain is characterized in that a data sharing platform based on the block chain is established by a plurality of attribute management centers theta, data sharing is realized between a data owner and a data user based on the data sharing platform, a data requester is the data user, and a data owner is the data owner, and the control method comprises the following specific steps:
s1, establishing a data sharing platform based on a block chain by a plurality of attribute management centers theta, and initializing the data sharing platform by nodes of the data sharing platform, wherein the nodes of the data sharing platform comprise each attribute management center;
s2, the data owner releases data through the data sharing platform;
and S3, the data user retrieves and inquires the required data through the data sharing platform, acquires the data and completes decryption. The nodes are servers participating in maintenance and operation of the block chains, the nodes are multiple, the data owner issues data by using the block chains, the data user acquires the data through the block chains, and the attribute management center theta is a server for managing the data authority control attribute of the data owner;
the step S1 needs to go through the following steps:
s11, negotiating among all nodes of the block chain, generating parameters including bilinear groups G and elements G, and formulating a hash function:
Figure BDA0002780028580000051
the H function is used for mapping id user _ id of a user to a bilinear group G, the F function is used for mapping access control strategy access _ policy to the bilinear group G, and the node comprises an attribute management center;
s12, defining bilinear operation e (G, G) to map G × G → G for bilinear group G T
S13, parameters disclosed to the data sharing platform comprise G, e (G, G), G and id user _ id of a user;
s14, each attribute management center theta generates random numbers for itself as private keys (alpha) θ ,y θ ) Publishing public keys
Figure BDA0002780028580000052
To a data sharing platform;
s15, initializing the data sharing platform;
the step S2 comprises the following steps:
s21, encrypting the data by the data owner to obtain a ciphertext C = Me (g, g) z Wherein M is the encrypted data plaintext and z is the encryption key;
s22, a data owner generates an access control strategy p, wherein the access control strategy p is C@c AND B@b, the access _ policy which is abbreviated for convenience of expression represents that data can be accessed when a C attribute issued by an attribute management center C AND a B attribute issued by an attribute management center B exist at the same time, AND the access control strategy p in the platform is (A, delta, rho), wherein A is an access control matrix corresponding to the access control strategy p, the column is divided into l rows AND n columns, delta refers to a mapping function delta (x) AND represents an attribute corresponding to an x row, AND rho refers to a mapping function rho (x) AND represents an attribute management center theta corresponding to the x row;
s23, generating an access control ciphertext CT according to the access control strategy p (A, delta, rho), firstly generating a random number T in the data encryption process, and constructing a vector v = (z, v) 2 ...,v n ) T And w = (0,w) 2 ...,w n ) T Let λ be x =<A x ,v>Wherein A is x To access the xth row of the control matrix A, a random number t is then generated for each row separately x The access control ciphertext CT calculation process is as follows:
Figure BDA0002780028580000061
Figure BDA0002780028580000062
Figure BDA0002780028580000063
Figure BDA0002780028580000064
CT={C 1,x ,C 2,x ,C 3,x ,C 4,x }
s24, uploading the ciphertext C, the access control ciphertext CT and the access control strategy p to a data sharing platform;
the step S3 comprises the following steps:
s31, the data user requests the key K corresponding to the attribute u from each attribute management center theta, and for each attribute u, the corresponding attribute management center generates a random number t and generates keys K1 and K2
Figure BDA0002780028580000065
K2 uid,u =g t
Inquiring data from the data sharing platform, and acquiring an access control ciphertext CT, a ciphertext C and an access control strategy p of the required data, wherein uid is a user _ id which is abbreviated for convenience of expression;
s32, the access control strategy p is converted into a form of (A, delta, rho) again, and c is calculated x Make sigma x c x A x = (1,0.. 0), calculate for each row:
Figure BDA0002780028580000066
s33, obtaining data plaintext M = C 0 /e(g,g) z And decryption is completed.
When the method is used specifically, a Fabric building block chain is adopted, a Charm frame is used for realizing encryption and decryption of attributes, and experimental results are as follows:
the block chain experimental environment is a 1-core 2G server and an Ubuntu 16.04 system which are deployed on Jin Shanyun, a block chain architecture adopts HyperLegendr 1.4.0, a docker container is utilized to deploy alliance chain nodes, an intelligent contract is compiled by JavaScript, an average value is run for 50 times, so that the time consumption of writing the steps on the chain is 2060ms, the time consumption of consensus is 75ms, and the time consumption of inquiry is 14ms, therefore, the time consumption of a global initialization link is 2060ms;
Figure BDA0002780028580000071
the initialization of each attribute center, the encryption link of a data owner and the decryption link of a data requester are all carried out under a chain, and are realized by adopting a charm framework, under the environment of an Ubuntu 16.04 system, a CPU main frequency 2.4GHZ, a 2G RAM and a Python3.5.3, the use time is as shown in the following table under different curves:
since the computing power of the attribute management center may far exceed that of the data owner and user, the initialization link and the key generation link are negligible, the data requester is not required to know immediately after the data is released for uplink, and the uplink time has little practical influence on the present invention.
The time overhead of the data owner and the data user is therefore only analyzed: taking SS512 curve, attribute 4 as an example, for the data owner, the time to publish the data is: encryption 75ms + consensus is 75ms =150ms, for the data user, the time to obtain the data is: query time 14ms + key generation time 91.5ms + decryption time 34.5ms =140ms.
The control method provided by the invention does not influence the time used by a data owner and a data user, a credible data sharing platform is provided between the data owner and a data requester by utilizing a block chain, an attribute management center theta issues a public parameter through the block chain, the data owner encrypts a data plaintext M based on a data attribute by utilizing the public parameter to obtain a ciphertext C and transmits the ciphertext C to the block chain, and the data user requests a key K corresponding to an attribute u through each attribute management center theta of the block chain to obtain the data plaintext M, so that the problem that the data owner cannot manage own data is avoided, the data user can obtain the data plaintext locally, and the safety of the data plaintext in the data sharing process is also ensured by a mechanism based on multi-body attribute encryption.

Claims (2)

1. A block chain-based data access control method is characterized by comprising the following specific steps:
s1, a plurality of attribute management centers theta jointly establish a data sharing platform based on a block chain, and nodes of the data sharing platform initialize the data sharing platform, wherein the nodes of the data sharing platform comprise the attribute management centers theta;
s2, the data owner releases data through the data sharing platform;
s3, retrieving and inquiring required data through a data sharing platform by a data user, acquiring the data and finishing decryption;
the step S1 needs to go through the following steps:
s11, negotiating among all nodes of the block chain, generating parameters including bilinear groups G and elements G, and formulating a hash function:
Figure FDA0003816339070000011
the H function is used for mapping id user _ id of a user to a bilinear group G, the F function is used for mapping access control strategy access _ policy to the bilinear group G, and the node comprises an attribute management center theta;
s12, defining bilinear operation e (G, G) to map G × G → G for bilinear group G T
S13, parameters disclosed to the data sharing platform comprise G, e (G, G), G and id user _ id of a user;
s14, each attribute management center theta generates random numbers for itself as private keys (alpha) θ ,y θ ) Publishing the public key
Figure FDA0003816339070000012
Figure FDA0003816339070000013
To a data sharing platform;
s15, initializing the data sharing platform;
the step S2 comprises the following steps:
s21, encrypting the data by the data owner to obtain a ciphertext C = Me (g, g) z Wherein M is the encrypted data plaintext and z is the encryption key;
s22, a data owner generates an access control strategy p, wherein the access control strategy p is C@c AND B@b, the access _ policy which is abbreviated for convenience of expression represents that data can be accessed when a C attribute issued by an attribute management center C AND a B attribute issued by an attribute management center B exist at the same time, the access control strategy p in the platform is (A, delta AND rho), wherein A is an access control matrix corresponding to the access control strategy p, l rows AND n columns are total, delta refers to a mapping function delta (x) AND represents an attribute corresponding to an x-th row, AND rho refers to a mapping function rho (x) AND represents an attribute management center theta corresponding to the x-th row;
s23, generating an access control ciphertext CT according to the access control strategy p (A, delta, rho), firstly generating a random number T in the data encryption process, and constructing a vector v = (z, v) 2 ...,v n ) T And w = (0,w) 2 ...,w n ) T Let λ be x =<A x ,v>Wherein A is x To access the xth row of the control matrix A, a random number t is then generated for each row separately x The access control ciphertext CT calculation process is as follows:
Figure FDA0003816339070000021
Figure FDA0003816339070000022
Figure FDA0003816339070000023
Figure FDA0003816339070000024
CT={C 1,x ,C 2,x ,C 3,x ,C 4,x }
s24, uploading the ciphertext C, the access control ciphertext CT and the access control strategy p to a data sharing platform;
the step S3 comprises the following steps:
s31, the data user requests the key K corresponding to the attribute u from each attribute management center theta, and for each attribute u, the corresponding attribute management center generates a random number t and generates keys K1 and K2
Figure FDA0003816339070000025
K2 uid,u =g t
Inquiring data from the data sharing platform, and acquiring an access control ciphertext CT, a ciphertext C and an access control strategy p of the required data, wherein uid is a user _ id which is abbreviated for convenience of expression;
s32, the access control strategy p is converted into a form of (A, delta, rho) again, and c is calculated x Make sigma x c x A x = (1,0.. 0), calculate for each row:
Figure FDA0003816339070000026
Figure FDA0003816339070000027
s33, obtaining data plaintext M = C/e (g, g) Z The decryption is completed.
2. The method as claimed in claim 1, wherein the node is a server participating in maintaining and operating the blockchain, the number of nodes is plural, the node using the blockchain to issue its own data is a data owner, the node using the blockchain to acquire the data is a data user, and the attribute management center θ is a server managing the attribute of data authority control of the data owner.
CN202011278801.6A 2020-11-16 2020-11-16 Data access control method based on block chain Active CN112257112B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011278801.6A CN112257112B (en) 2020-11-16 2020-11-16 Data access control method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011278801.6A CN112257112B (en) 2020-11-16 2020-11-16 Data access control method based on block chain

Publications (2)

Publication Number Publication Date
CN112257112A CN112257112A (en) 2021-01-22
CN112257112B true CN112257112B (en) 2022-10-14

Family

ID=74266080

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011278801.6A Active CN112257112B (en) 2020-11-16 2020-11-16 Data access control method based on block chain

Country Status (1)

Country Link
CN (1) CN112257112B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113010911B (en) * 2021-02-07 2024-05-10 腾讯科技(深圳)有限公司 Data access control method, device and computer readable storage medium
CN113242123B (en) * 2021-04-29 2023-03-17 龚健 Common user data acquisition method and device and server
CN114143055B (en) * 2021-11-24 2023-12-01 国网江苏省电力有限公司营销服务中心 Block chain-based data distribution method and trusted traceability method
CN114185993B (en) * 2021-12-21 2023-02-03 北京理工大学 Auditable data sharing method based on block chain
CN114640473A (en) * 2022-05-18 2022-06-17 山东省计算中心(国家超级计算济南中心) Cross-data center access control method and system based on block chain and ABAC

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016197770A1 (en) * 2015-06-12 2016-12-15 深圳大学 Access control system and access control method thereof for cloud storage service platform
WO2018049601A1 (en) * 2016-09-14 2018-03-22 深圳大学 Outsourcing access control method for fog computing and system thereof
JP6478361B1 (en) * 2018-08-11 2019-03-06 株式会社bitFlyer Blockchain network and determination method therefor
CN109768987A (en) * 2019-02-26 2019-05-17 重庆邮电大学 A kind of storage of data file security privacy and sharing method based on block chain
CN109951498A (en) * 2019-04-18 2019-06-28 中央财经大学 A kind of block chain access control method and device based on ciphertext policy ABE encryption
CN110098919A (en) * 2019-04-26 2019-08-06 西安电子科技大学 The acquisition methods of data permission based on block chain
CN111143471A (en) * 2019-12-27 2020-05-12 北京工业大学 Ciphertext retrieval method based on block chain
CN111385301A (en) * 2020-03-06 2020-07-07 湖南智慧政务区块链科技有限公司 Block chain data sharing encryption and decryption method, equipment and storage medium
CN111614680A (en) * 2020-05-25 2020-09-01 华中科技大学 CP-ABE-based traceable cloud storage access control method and system
CN111859444A (en) * 2020-06-12 2020-10-30 中国科学院信息工程研究所 Block chain data supervision method and system based on attribute encryption
CN111917721A (en) * 2020-06-28 2020-11-10 石家庄铁道大学 Attribute encryption method based on block chain
CN111914269A (en) * 2020-07-07 2020-11-10 华中科技大学 Data security sharing method and system under block chain and cloud storage environment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016197770A1 (en) * 2015-06-12 2016-12-15 深圳大学 Access control system and access control method thereof for cloud storage service platform
WO2018049601A1 (en) * 2016-09-14 2018-03-22 深圳大学 Outsourcing access control method for fog computing and system thereof
JP6478361B1 (en) * 2018-08-11 2019-03-06 株式会社bitFlyer Blockchain network and determination method therefor
CN109768987A (en) * 2019-02-26 2019-05-17 重庆邮电大学 A kind of storage of data file security privacy and sharing method based on block chain
CN109951498A (en) * 2019-04-18 2019-06-28 中央财经大学 A kind of block chain access control method and device based on ciphertext policy ABE encryption
CN110098919A (en) * 2019-04-26 2019-08-06 西安电子科技大学 The acquisition methods of data permission based on block chain
CN111143471A (en) * 2019-12-27 2020-05-12 北京工业大学 Ciphertext retrieval method based on block chain
CN111385301A (en) * 2020-03-06 2020-07-07 湖南智慧政务区块链科技有限公司 Block chain data sharing encryption and decryption method, equipment and storage medium
CN111614680A (en) * 2020-05-25 2020-09-01 华中科技大学 CP-ABE-based traceable cloud storage access control method and system
CN111859444A (en) * 2020-06-12 2020-10-30 中国科学院信息工程研究所 Block chain data supervision method and system based on attribute encryption
CN111917721A (en) * 2020-06-28 2020-11-10 石家庄铁道大学 Attribute encryption method based on block chain
CN111914269A (en) * 2020-07-07 2020-11-10 华中科技大学 Data security sharing method and system under block chain and cloud storage environment

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
A blockchain-based access control system for cloud storage;Ilya Sukhodolskiy等;《2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)》;20180315;全文 *
An Access Control Model and Its Application in Blockchain;Xiangwu Ding等;《2019 International Conference on Communications, Information System and Computer Engineering (CISCE)》;20190822;全文 *
区块链技术下电力系统安全测评管理系统的应用;王心妍等;《电力信息与通信技术》;20200630;第18卷(第6期);全文 *
基于区块链的云存储加密数据共享方案;梁艳丽等;《计算机工程与应用》;20200901;第56卷(第17期);全文 *

Also Published As

Publication number Publication date
CN112257112A (en) 2021-01-22

Similar Documents

Publication Publication Date Title
CN112257112B (en) Data access control method based on block chain
CN110099043B (en) Multi-authorization-center access control method supporting policy hiding and cloud storage system
Seliem et al. BIoMT: Blockchain for the internet of medical things
Liu et al. Cloud-based electronic health record system supporting fuzzy keyword search
Rana et al. Efficient and secure attribute based access control architecture for smart healthcare
Li et al. A Lightweight Fine‐Grained Searchable Encryption Scheme in Fog‐Based Healthcare IoT Networks
CN104836790B (en) Fine-grained access control method is stored based on the chain type of encryption attribute and timestamp
CN113515759A (en) Block chain-based power terminal data access control method and system
Hao et al. Secure data sharing with flexible user access privilege update in cloud-assisted IoMT
Padhya et al. BTG-RKASE: Privacy Preserving Revocable Key Aggregate Searchable Encryption with Fine-grained Multi-delegation & Break-The-Glass Access Control.
Zhang et al. Cerberus: Privacy-preserving computation in edge computing
Mosteiro-Sanchez et al. End to end secure data exchange in value chains with dynamic policy updates
Preetha et al. Securing IoT-based healthcare systems from counterfeit medicine penetration using Blockchain
Oleiwi et al. A survey of the blockchain concept and mitigation challenges in different networks
CN109740383A (en) A kind of secret protection control method calculating medical system towards mist
Shi et al. Delegated Key‐Policy Attribute‐Based Set Intersection over Outsourced Encrypted Data Sets for CloudIoT
Lu et al. Novel Searchable Attribute‐Based Encryption for the Internet of Things
CN114244567B (en) CP-ABE method for supporting circuit structure in cloud environment
Almarwani et al. Flexible Access Control and Confidentiality over Encrypted Data for Document-based Database.
Soltani et al. Data capsule: A self-contained data model as an access policy enforcement strategy
CN111680306A (en) Attribute-based collaborative access control revocation method
CN111491294A (en) Switching-based privacy protection delay tolerant network routing method
Zhen et al. Multiauthority Attribute‐Based Keyword Search over Cloud‐Edge‐End Collaboration in IoV
Zheng et al. A Secure and Trusted Data Sharing Scheme Based on Blockchain for Government Data
Sun et al. Towards efficient sharing of encrypted data in cloud-based mobile social network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant