CN114244501A - Power data privacy protection system and implementation method thereof, and encryption attribute revocation method - Google Patents

Publication number
CN114244501A
Authority
CN
China
Prior art keywords
user
key
attribute
data
decryption
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111353818.8A
Other languages
Chinese (zh)
Inventor
薛庆水
时雪磊
薛震
王晨阳
王俊华
马海峰
单志勇
纵卫东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Chanmao Technology Co ltd
Donghua University
Shanghai Institute of Technology
Original Assignee
Shanghai Chanmao Technology Co ltd
Donghua University
Shanghai Institute of Technology
Application filed by Shanghai Chanmao Technology Co ltd, Donghua University, Shanghai Institute of Technology
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a power data privacy protection system, an implementation method thereof and an encryption attribute revocation method. The system comprises six entities: an attribute authorization center, an electric power data owner, an electric power data user, a cloud storage server, a proxy decryption server and a user verification center, and the six entities communicate through the Internet. Attribute-based encryption is introduced and a private key revocation scheme is given; fine-grained decryption authority is realized through attribute-based encryption, whether a user has decryption authority is decided by the user's attributes, and the privacy of power users is protected. The method protects users' private data and prevents it from being maliciously accessed.

Description

Power data privacy protection system and implementation method thereof, and encryption attribute revocation method
Technical Field
The invention relates to a personal data security technology, in particular to a power data privacy protection system and an implementation method thereof, and an encryption attribute revocation method.
Background
With the development of internet technology, industries are rapidly integrating with the network and being transformed by it. The "Internet+" initiative of earlier years gave strong policy support to the development of the internet; after years of development China's internet technology is among the world's leaders, and the network has quietly become an indispensable part of daily life. But while the network makes life more convenient, it also carries various hidden dangers. The world is in the middle of an information revolution, and people's behavior appears on the network in the form of data. The network world is like a digital mapping of the real world: behaviors and regularities that are otherwise invisible exist on the network as data, and profiling analysis of that data exposes personal privacy. If the data on the network is not protected, users have no privacy to speak of. The power industry is currently developing towards the smart grid, electric energy trading is moving from offline to online, and a great deal of personal private information is transmitted during online power trading, so protecting power transaction data is important.
In 2005, Sahai and Waters first proposed the concept and algorithms of attribute-based encryption at Eurocrypt, the annual European cryptology conference. A set of attributes is granted to the user, and the ciphertext or the key is associated with user attributes, so that the user can correctly decrypt the ciphertext only if the user's attribute set satisfies the access policy. In 2007, Bethencourt et al. proposed ciphertext-policy attribute-based encryption (CP-ABE), which associates the access policy with the data ciphertext and embeds the user attributes in the user private key, giving a scheme in which one party encrypts and many parties can decrypt.
Disclosure of Invention
To address the information security of power users' private data, a power data privacy protection system, an implementation method thereof and an encryption attribute revocation method are provided; an attribute-based encryption scheme is applied to the smart grid scenario to protect users' private data in that scenario.
The technical scheme of the invention is as follows: a power data privacy protection system comprises six entities: an attribute authorization center, an electric power data owner, an electric power data user, a cloud storage server, a proxy decryption server and a user verification center, and the six entities communicate through the Internet;
the attribute authorization center: a trusted entity used for generating a system master key MK, a system public key PK, a user identity key VK_u and a user private key SK, and for setting a version PK_x for each user attribute; it publishes PK and PK_x in the system and sends VK_u and SK separately to the corresponding data access users;
the cloud storage server: used for storing the ciphertext encrypted by the electric power data owner and, when a system attribute is revoked, for re-encrypting the ciphertexts whose access policy contains the revoked attribute;
the proxy decryption server: entrusted by the user to semi-decrypt the ciphertext transmitted from the cloud storage server CSS, which reduces the computational burden on the user terminal;
the user verification center: a trusted entity used for verifying the identity of the data access user and participating in the decryption process;
the electric power data owner: the data owner of the smart grid, a trusted entity responsible for encrypting private data, formulating the data access control policy and uploading the encrypted data to the cloud storage server;
the power data user: if the attribute set of the data access user satisfies the access policy set by the power data owner, the ciphertext is successfully decrypted to obtain the required data.
An implementation method of a power data privacy protection system specifically comprises the following steps:
1) System initialization stage: the algorithm Setup(λ) is executed by the attribute authorization center; it generates the system public key PK, which is sent to the data owner, and the system master key MK, and sets a public attribute key PK_x for each attribute x present in the system;
2) User private key generation stage: the algorithm KeyGen(MK, S, PK_x) is executed by the attribute authorization center; the system master key MK, the user attribute set S and the attribute key PK_x take part in generating the user private key; a private key SK and a transformation key TK are generated for each user in the system, together with the user identity key VK_u, which is sent to the user verification center;
3) Data encryption stage: the algorithm Encrypt(PK, m, (M, ρ)) is executed by the power data owner; it takes as input the system public key PK, the power private data m and the data access policy (M, ρ), outputs the ciphertext CT and sends CT to the cloud storage server for storage;
4) Proxy decryption stage: the algorithm Transform(TK, CT) is executed by the proxy decryption server; it computes the semi-decrypted ciphertext TCT from the transformation key TK and the ciphertext CT retrieved from the cloud storage server, and sends TCT to the user verification center UAC;
5) User identity processing stage: the algorithm UserVerandDec(C', VK_u, TCT) is executed by the user verification center UAC; it takes as input the key sub-item C' solved by the transformation key TK, the user identity key VK_u and the semi-decrypted ciphertext TCT, and computes the output CT';
6) User decryption stage: the algorithm Decrypt(SK, CT') is executed by the power data user DU; CT' is decrypted with the user private key SK; if the decryption calculation succeeds, the power private data m is output, and if the decryption process is wrong or fails, a terminator is output.
Further, in step 2) the attribute authorization center generates a user identity key VK_u for each user in the system and sends VK_u to the user verification center; the attribute authorization center generates the user private key SK from the user attribute set S and sends it to the data access user; and a part of the key sub-items of the user private key SK forms the transformation key TK, which is sent to the proxy decryption server.
Further, in step 4) the proxy decryption server receives the transformation key TK of the power data user and uses it to decrypt the ciphertext CT downloaded from the cloud storage server; if decryption succeeds, i.e. the user attribute set satisfies the access policy set by the private data owner, the semi-decrypted ciphertext TCT is sent to the user verification center; if decryption fails, a failure result is returned to the user.
A method for revoking an encryption attribute in the power data privacy protection system: while the system is running, if a user private key SK needs to be revoked, the attribute authorization center modifies the user identity key VK_u and sends the modified VK_u to the user verification center; because the identity key has changed, the user's original private key is invalid in the decryption process, so the user cannot pass the identity verification stage of decryption, i.e. the user no longer has decryption capability.
The beneficial effects of the invention are as follows: the power data privacy protection system, its implementation method and the encryption attribute revocation method introduce attribute-based encryption and provide a private key revocation scheme; fine-grained decryption authority is realized through attribute-based encryption, whether a user has decryption authority is decided by the user's attributes, and the privacy of power users is protected. The method protects users' private data and prevents it from being maliciously accessed.
Drawings
Fig. 1 is a model diagram of a power data privacy protection system according to an embodiment of the present invention.
Fig. 2 is an implementation diagram of an implementation method of the power data privacy protection system according to the embodiment of the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments. The present embodiment is implemented on the premise of the technical solution of the present invention, and a detailed implementation manner and a specific operation process are given, but the scope of the present invention is not limited to the following embodiments.
Fig. 1 shows a model diagram of the power data privacy protection system, which comprises six entities: an attribute authorization center, an electric power data owner, an electric power data user, a cloud storage server, a proxy decryption server and a user verification center; the six entities communicate through the Internet;
attribute authorization center AA: used for generating a system master key MK, a system public key PK, a user identity key VK_u and a user private key SK, and for setting a version PK_x for each user attribute; it publishes PK and PK_x in the system and sends VK_u and SK separately to the corresponding users; the attribute authorization center is a trusted entity;
cloud storage server CSS: used for storing the ciphertext encrypted by the data owner and, when a system attribute is revoked, for re-encrypting the ciphertexts whose access policy contains the revoked attribute; the cloud storage server is a suspicious entity, i.e. it may snoop on the private data;
proxy decryption server PDS: entrusted by the user to semi-decrypt the ciphertext transmitted from the cloud storage server CSS, which reduces the computational burden on the user terminal; the proxy decryption server is a suspicious entity and may snoop on the private data;
user verification center UAC: used for verifying the identity of the data access user and participating in the decryption process; it is a trusted entity;
electric power data owner DO: the data owner of the smart grid (an electric power provider, an electric power company and the like), responsible for encrypting private data, formulating the data access control policy and uploading the encrypted data to the cloud storage server CSS; it is a trusted entity;
power data user DU: a user who wants to access (decrypt) the ciphertext data; if the user's attribute set satisfies the access policy set by the data owner, the ciphertext can be successfully decrypted; the data access user is an untrusted entity, and a malicious data access user may attack the system.
An implementation method of a power data privacy protection system is shown in fig. 2, and the privacy protection method includes the following stages:
First stage, system initialization stage: the algorithm Setup(λ) is executed by the attribute authorization center AA; it generates the system public key PK, which is sent to the data owner DO, and the system master key MK, and sets a public attribute key PK_x for each attribute x present in the system.
The attribute authorization center generates the system master private key MK and the system public key PK from the security parameter λ, and sets an attribute parameter V_x and a corresponding public attribute key PK_x for each attribute x present in the system.
Second stage, user private key generation stage: the algorithm KeyGen(MK, S, PK_x) is executed by the attribute authorization center AA; the system master key MK, the user attribute set S and the attribute key PK_x take part in the private key generation; a private key SK and a transformation key TK are generated for each user in the system, together with the user identity key VK_u, which is sent to the user verification center UAC.
The attribute authorization center AA generates a user identity key VK_u for each user in the system and sends VK_u to the user verification center UAC; the attribute authorization center AA generates the user private key SK from the user attribute set S and sends it to the data access user (i.e. the power data user DU); a part of the key sub-items of the user private key SK forms the transformation key TK, which is sent to the proxy decryption server PDS.
Third stage, data encryption stage: the algorithm Encrypt(PK, m, (M, ρ)) is executed by the electric power data owner DO; it takes as input the system public key PK, the power private data m and the data access policy (M, ρ), outputs the ciphertext CT and sends CT to the cloud storage server CSS for storage.
The electric power data owner sets the access control policy (M, ρ), encrypts the power private data m under the system public key PK, and sends the ciphertext CT to the cloud storage server CSS for storage.
Fourth stage, proxy decryption stage: the algorithm Transform(TK, CT) is executed by the proxy decryption server PDS; it computes the semi-decrypted ciphertext TCT from the transformation key TK and the ciphertext CT retrieved from the cloud storage server CSS, and sends TCT to the user verification center UAC.
The proxy decryption server PDS receives the transformation key TK of the power data user DU and uses it to decrypt the ciphertext CT downloaded from the cloud storage server CSS; if decryption succeeds (i.e. the user attribute set satisfies the access policy set by the private data owner), the decryption result (the semi-decrypted ciphertext) TCT is sent to the user verification center UAC; if decryption fails, a failure result is returned to the user.
Fifth stage, user identity processing stage: the algorithm UserVerandDec(C', VK_u, TCT) is executed by the user verification center UAC; it takes as input the key sub-item C' solved by the transformation key TK, the user identity key VK_u and the semi-decrypted ciphertext TCT, and computes the output CT'.
The user verification center UAC processes the semi-decrypted ciphertext TCT with the user identity version key VK_u that it stores, and returns the result CT' to the user.
Sixth stage, user decryption stage: the algorithm Decrypt(SK, CT') is executed by the power data user DU; CT' is decrypted with the user private key SK; if the decryption calculation succeeds, the power private data m is output, and if the decryption process is wrong or fails, a terminator is output.
The data access user performs the final decryption calculation on CT'; if the user identity key is correct, decryption succeeds; otherwise the private information m cannot be obtained from CT'.
While the system is running, if the private key of a certain user needs to be revoked, the attribute authorization center AA modifies that user's identity key VK_u and sends the modified VK_u to the user verification center UAC; because the identity key has changed, the user's original private key is invalid in the decryption process, so the user cannot pass the identity verification stage of decryption, i.e. the user no longer has decryption capability.
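The six-stage flow and the VK_u revocation step above, modelled as an added Python example (not code from the patent). The patent gives no concrete construction, so this swaps in a toy three-way additive split of a hashed-ElGamal exponent (TK + VK_u + SK = MK), replaces the access policy (M, ρ) with a plain AND-of-attributes set check at the PDS, and uses an illustration-sized 127-bit group; all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption): 127-bit Mersenne prime, far too small for real use.
P = 2**127 - 1
Q = P - 1            # exponents are reduced mod P-1 (Fermat's little theorem)
G = 3


def _stream(shared, label, n):
    """Derive n key bytes from the shared group element (SHA-256, counter mode)."""
    seed, out, ctr = shared.to_bytes(16, "big"), b"", 0
    while len(out) < n:
        out += hashlib.sha256(label + seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class ProxyDecryptionServer:          # PDS: holds TK per user
    def __init__(self):
        self.tk = {}

    def transform(self, user, ct):
        """Stage 4: semi-decrypt. Returns TCT, or None if the policy is not met."""
        tk, attrs = self.tk[user]
        if not ct["policy"] <= attrs:  # stand-in for the ABE policy check
            return None
        return pow(ct["C1"], tk, P)


class UserVerificationCenter:         # UAC: holds VK_u per user
    def __init__(self):
        self.vk = {}

    def user_ver_and_dec(self, user, c1, tct):
        """Stage 5: fold the current VK_u into the semi-decrypted value."""
        return tct * pow(c1, self.vk[user], P) % P


class AttributeAuthority:             # AA
    def __init__(self):
        self.mk = secrets.randbelow(Q - 1) + 1      # Setup: MK
        self.pk = pow(G, self.mk, P)                # Setup: PK

    def keygen(self, user, attrs, pds, uac):
        """Stage 2: TK -> PDS, VK_u -> UAC, SK -> user, with TK+VK_u+SK = MK."""
        tk, vk = secrets.randbelow(Q), secrets.randbelow(Q)
        pds.tk[user] = (tk, frozenset(attrs))
        uac.vk[user] = vk
        return (self.mk - tk - vk) % Q

    def revoke(self, user, uac):
        """Revocation: replace VK_u at the UAC; the user's SK is left untouched."""
        uac.vk[user] = (uac.vk[user] + 1 + secrets.randbelow(Q - 1)) % Q


def encrypt(pk, m, policy):
    """Stage 3 (DO): hashed-ElGamal encryption of m under PK, tagged with the policy."""
    r = secrets.randbelow(Q - 1) + 1
    shared = pow(pk, r, P)
    body = _xor(m, _stream(shared, b"enc", len(m)))
    tag = hmac.new(_stream(shared, b"mac", 32), body, hashlib.sha256).digest()
    return {"C1": pow(G, r, P), "policy": frozenset(policy), "body": body, "tag": tag}


def decrypt(sk, ct, ct_prime):
    """Stage 6 (DU): finish with SK; returns None (the failure output) on a bad tag."""
    shared = ct_prime * pow(ct["C1"], sk, P) % P
    tag = hmac.new(_stream(shared, b"mac", 32), ct["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, ct["tag"]):
        return None
    return _xor(ct["body"], _stream(shared, b"enc", len(ct["body"])))


def read(user, sk, ct, pds, uac):
    """Full read path: CSS ciphertext -> PDS -> UAC -> DU."""
    tct = pds.transform(user, ct)
    if tct is None:
        return None
    return decrypt(sk, ct, uac.user_ver_and_dec(user, ct["C1"], tct))


def demo():
    aa, pds, uac = AttributeAuthority(), ProxyDecryptionServer(), UserVerificationCenter()
    sk_alice = aa.keygen("alice", {"grid-operator", "region-east"}, pds, uac)
    sk_bob = aa.keygen("bob", {"region-east"}, pds, uac)
    reading = b"meter 0042: 13.7 kWh"         # constructed sample data
    ct = encrypt(aa.pk, reading, {"grid-operator", "region-east"})
    before = read("alice", sk_alice, ct, pds, uac)
    bob = read("bob", sk_bob, ct, pds, uac)    # lacks grid-operator
    aa.revoke("alice", uac)
    after = read("alice", sk_alice, ct, pds, uac)
    return before, bob, after
```

Only the UAC's stored share changes on revocation, so the stored ciphertext and every other user's keys stay as they were. In this toy the three shares of one user add up to MK, so it relies on the PDS, the UAC and the user never pooling them; a real scheme has to be analysed for that collusion case.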
The above embodiments express only several implementations of the present invention; their description is specific and detailed, but is not to be construed as limiting the scope of the invention. It should be noted that a person skilled in the art can make several variations and modifications without departing from the inventive concept, and these fall within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (5)

1. A power data privacy protection system, comprising six entities: an attribute authorization center, an electric power data owner, an electric power data user, a cloud storage server, a proxy decryption server and a user verification center, wherein the six entities communicate through the Internet;
the attribute authorization center: a trusted entity used for generating a system master key MK, a system public key PK, a user identity key VK_u and a user private key SK, and for setting a version PK_x for each user attribute; it publishes PK and PK_x in the system and sends VK_u and SK separately to the corresponding data access users;
the cloud storage server: used for storing the ciphertext encrypted by the electric power data owner and, when a system attribute is revoked, for re-encrypting the ciphertexts whose access policy contains the revoked attribute;
the proxy decryption server: entrusted by the user to semi-decrypt the ciphertext transmitted from the cloud storage server CSS, which reduces the computational burden on the user terminal;
the user verification center: a trusted entity used for verifying the identity of the data access user and participating in the decryption process;
the electric power data owner: the data owner of the smart grid, a trusted entity responsible for encrypting private data, formulating the data access control policy and uploading the encrypted data to the cloud storage server;
the power data user: if the attribute set of the data access user satisfies the access policy set by the power data owner, the ciphertext is successfully decrypted to obtain the required data.
2. The implementation method of the power data privacy protection system according to claim 1, specifically comprising the following steps:
1) System initialization stage: the algorithm Setup(λ) is executed by the attribute authorization center; it generates the system public key PK, which is sent to the data owner, and the system master key MK, and sets a public attribute key PK_x for each attribute x present in the system;
2) User private key generation stage: the algorithm KeyGen(MK, S, PK_x) is executed by the attribute authorization center; the system master key MK, the user attribute set S and the attribute key PK_x take part in generating the user private key; a private key SK and a transformation key TK are generated for each user in the system, together with the user identity key VK_u, which is sent to the user verification center;
3) Data encryption stage: the algorithm Encrypt(PK, m, (M, ρ)) is executed by the power data owner; it takes as input the system public key PK, the power private data m and the data access policy (M, ρ), outputs the ciphertext CT and sends CT to the cloud storage server for storage;
4) Proxy decryption stage: the algorithm Transform(TK, CT) is executed by the proxy decryption server; it computes the semi-decrypted ciphertext TCT from the transformation key TK and the ciphertext CT retrieved from the cloud storage server, and sends TCT to the user verification center UAC;
5) User identity processing stage: the algorithm UserVerandDec(C', VK_u, TCT) is executed by the user verification center UAC; it takes as input the key sub-item C' solved by the transformation key TK, the user identity key VK_u and the semi-decrypted ciphertext TCT, and computes the output CT';
6) User decryption stage: the algorithm Decrypt(SK, CT') is executed by the power data user DU; CT' is decrypted with the user private key SK; if the decryption calculation succeeds, the power private data m is output, and if the decryption process is wrong or fails, a terminator is output.
3. The implementation method of the power data privacy protection system according to claim 2, wherein in step 2) the attribute authorization center generates a user identity key VK_u for each user in the system and sends VK_u to the user verification center; the attribute authorization center generates the user private key SK from the user attribute set S and sends it to the data access user; and a part of the key sub-items of the user private key SK forms the transformation key TK, which is sent to the proxy decryption server.
4. The implementation method of the power data privacy protection system according to claim 2 or 3, wherein in step 4) the proxy decryption server receives the transformation key TK of the power data user and uses it to decrypt the ciphertext CT downloaded from the cloud storage server; if decryption succeeds, i.e. the user attribute set satisfies the access policy set by the private data owner, the proxy decryption server sends the semi-decrypted ciphertext TCT to the user verification center; if decryption fails, a failure result is returned to the user.
5. A method for revoking an encryption attribute in a power data privacy protection system, characterized in that, while the system is running, if a user private key SK needs to be revoked, the attribute authorization center modifies the user identity key VK_u and sends the modified VK_u to the user verification center; because the identity key has changed, the user's original private key is invalid in the decryption process, so the user cannot pass the identity verification stage of decryption, i.e. the user no longer has decryption capability.
CN202111353818.8A 2021-11-16 2021-11-16 Power data privacy protection system and implementation method thereof, and encryption attribute revocation method Pending CN114244501A (en)


Publications (1)

Publication Number Publication Date
CN114244501A (en) 2022-03-25

Family

ID=80749612

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111353818.8A Pending CN114244501A (en) 2021-11-16 2021-11-16 Power data privacy protection system and implementation method thereof, and encryption attribute revocation method

Country Status (1)

Country Link
CN (1) CN114244501A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115632760A (en) * 2022-08-24 2023-01-20 北银金融科技有限责任公司 Data encryption authorization method based on electronic prescription transfer platform
CN116033295A (en) * 2022-11-11 2023-04-28 国家电网有限公司 Communication processing system based on electric power mobile operation terminal

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810004A (en) * 2018-06-22 2018-11-13 西安电子科技大学 More authorization center access control methods, cloud storage system can be revoked based on agency
CN109286491A (en) * 2018-10-18 2019-01-29 上海海事大学 A kind of key policy attribute base encryption method based on proxy revocation
US20200322142A1 (en) * 2019-04-05 2020-10-08 Arizona Board Of Regents On Behalf Of Arizona State University Method and Apparatus for Achieving Fine-Grained Access Control with Discretionary User Revocation Over Cloud Data
CN112564903A (en) * 2020-12-08 2021-03-26 西安电子科技大学 Decentering access control method for data security sharing in smart power grid
CN113645206A (en) * 2021-07-28 2021-11-12 上海纽盾网安科技有限公司 Cloud storage data access control method and system for different user requirements

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115632760A (en) * 2022-08-24 2023-01-20 北银金融科技有限责任公司 Data encryption authorization method based on electronic prescription transfer platform
CN116033295A (en) * 2022-11-11 2023-04-28 国家电网有限公司 Communication processing system based on electric power mobile operation terminal
CN116033295B (en) * 2022-11-11 2023-12-29 国家电网有限公司 Communication processing system based on electric power mobile operation terminal

Similar Documents

Publication Publication Date Title
CN110855671B (en) Trusted computing method and system
CN108810895B (en) Wireless Mesh network identity authentication method based on block chain
CN109800584B (en) Identity or attribute encryption calculation method and system based on Intel SGX mechanism
JP2552061B2 (en) Method and apparatus for preventing network security policy violation in public key cryptosystem
Paulson Inductive analysis of the internet protocol TLS
CN106104562B (en) System and method for securely storing and recovering confidential data
CN111464301B (en) Key management method and system
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
US7877604B2 (en) Proof of execution using random function
CN106487765B (en) Authorized access method and device using the same
WO2013112901A1 (en) System and method for securing private keys issued from distributed private key generator (d-pkg) nodes
JP2023500570A (en) Digital signature generation using cold wallet
JP2000165373A (en) Enciphering device, cryptographic communication system, key restoration system and storage medium
CN108471352A (en) Processing method, system, computer equipment based on distributed private key and storage medium
CN114244501A (en) Power data privacy protection system and implementation method thereof, and encryption attribute revocation method
CN115242553B (en) Data exchange method and system supporting safe multi-party calculation
CN113868684A (en) Signature method, device, server, medium and signature system
CN114500069A (en) Method and system for storing and sharing electronic contract
CN110557367B (en) Secret key updating method and system for quantum computing secure communication resistance based on certificate cryptography
CN114218584A (en) Power data privacy protection model and method for system-level revocable attribute encryption
WO2024139347A1 (en) Method, system and apparatus for securely acquiring sensitive information, and electronic device
CN113468582A (en) Anti-quantum computing encryption communication method
CN116015906B (en) Node authorization method, node communication method and device for privacy calculation
Keleman et al. Secure firmware update in embedded systems
WO2023284691A1 (en) Account opening method, system, and apparatus

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20220325