CN115484095A - Block chain-based fine-grained access control method in cloud edge collaborative environment - Google Patents
Block chain-based fine-grained access control method in cloud edge collaborative environment Download PDFInfo
- Publication number
- CN115484095A CN115484095A CN202211116020.6A CN202211116020A CN115484095A CN 115484095 A CN115484095 A CN 115484095A CN 202211116020 A CN202211116020 A CN 202211116020A CN 115484095 A CN115484095 A CN 115484095A
- Authority
- CN
- China
- Prior art keywords
- access control
- edge
- cloud
- block chain
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 239000011159 matrix material Substances 0.000 claims description 21
- 238000011217 control strategy Methods 0.000 claims description 12
- 230000008569 process Effects 0.000 claims description 11
- 238000004364 calculation method Methods 0.000 claims description 7
- 238000005516 engineering process Methods 0.000 abstract description 5
- 230000007246 mechanism Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000013475 authorization Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000013101 initial test Methods 0.000 description 1
- 230000035800 maturation Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000010363 phase shift Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a block chain-based fine-grained access control method in a cloud-edge collaborative environment, which comprises the following steps: a system initialization stage; an encryption stage; a transaction generation phase; a trapdoor generation stage; a searching stage; and (5) a decryption stage. In the invention, under a cloud edge collaborative environment, an authority center generates an initial partial key and a symmetric key, then different partial keys are respectively sent to an edge server and a data user, and the symmetric key is sent to an edge node. The user uses part of the secret keys to generate a search trapdoor and sends the search trapdoor to a corresponding edge server, a threshold secret sharing technology is utilized to recover a secret value in a consensus network, and a final private key is generated under the condition that access control is met, so that multiple authority generation of the private key is realized, and the security of the private key is effectively protected. In addition, under the cloud edge collaborative environment, the edge server is used for carrying out operations of encrypting data, decrypting data and searching and matching, and the computing overhead of a user is obviously reduced.
Description
Technical Field
The invention relates to the field of data encryption, in particular to a block chain-based fine-grained access control method in a cloud edge collaborative environment.
Background
Cloud computing is the development and implementation of several most important technologies in the field of social networking today. Including distributed computing, parallel computing, virtualization, etc. The cloud computing has the characteristics of strong computing capability, good expandability, low price and the like. With the gradual maturation and rapid development of cloud computing technology, a user with limited resources can store data in a cloud end, can enjoy efficient and rapid file storage and query services only with low cost, and greatly reduces local management overhead while enjoying high-quality data services, but the problems of safety and privacy become an important challenge, and how to guarantee high-quality data services and data security become a key problem to be solved urgently in cloud computing.
Edge computing refers to a new service model in which data or tasks can be computed and executed at the edge of the network near the source of the data. Due to the contradiction between the inherent characteristics of cloud computing and everything interconnection, the centralized computing processing mode of cloud computing is not enough for application program operation and mass data processing of the background perceived by the internet of things, and the problems of cloud center load, transmission bandwidth, data privacy protection and the like cannot be effectively solved by a cloud computing model. Therefore, edge computing is carried out at the same time, and the problem of big data processing of a cloud center and a network edge can be effectively solved by combining the edge computing with the existing cloud computing centralized processing model. One advantage of edge computing is that it breaks through the limitations of terminal hardware, allowing portable devices such as mobile terminals to participate in service computing in large quantities, achieving mobile data access, intelligent load balancing, and low management costs.
Searchable encryption is a cryptographic primitive that supports users searching on ciphertext according to keywords. The method mainly aims to solve the problem that a user conducts data query on encrypted cloud data, in a searchable encryption mechanism, firstly, a data owner conducts encryption storage on plaintext data to a cloud server according to an encryption algorithm of the data owner, when the data user wants to acquire the data on the cloud server, a certificate required for retrieval is sent to a cloud service, the cloud server conducts retrieval matching in the cloud server according to the sent certificate, if the matching is successful, a query result is returned to the data user in a ciphertext mode, and the data user receives the returned result and then conducts decryption locally.
The block chain is a specific data structure formed by combining data blocks in a chain mode according to time sequence, and is a tamper-proof and forgery-proof common ledger with a cryptology mode guarantee. The technology of different fields and subjects such as p2p network, cryptography, consensus algorithm and incentive mechanism are combined together. The method has the advantages that the local account book is generated through the cryptographic algorithm, the anonymity of the account is guaranteed, the consensus among different nodes is realized through the distributed consistency algorithm, the tampering of the historical data by malicious users is prevented, the quoting dependence among the blocks is generated through the Hash algorithm, and the history traceability is realized.
Threshold secret sharing is a simple and practical key sharing scheme. The scheme provides a (t, n) threshold secret sharing scheme, the secret value s is divided into n parts, and when any t or more than t of the secret value s are known, the secret value s can be recovered.
Under the cloud edge collaborative environment, most of the existing searchable encryption schemes give users encryption and decryption operations with high overhead, but the computing power of the users in real life is limited, so that the searching efficiency is low. Meanwhile, in most of the existing schemes, a single authorization mechanism is often adopted to generate the private key, the private key is easy to leak, and the efficiency is low, so that compared with a single authorization model, the most important challenge is that a plurality of entities authorize and cooperate to generate the private key, and the traceability and the security of the private key are ensured.
Disclosure of Invention
In order to solve the technical problems, the invention provides a block chain-based fine-grained access control method in a cloud-edge collaborative environment, which is simple in algorithm, safe and efficient.
The technical scheme for solving the technical problems is as follows: a block chain-based fine-grained access control method in a cloud edge collaborative environment comprises the following steps:
step one, an initialization stage;
step two, an encryption stage: and the data owner establishes an access control strategy and uploads the access control strategy and corresponding data to the corresponding edge server. And then the edge server uploads the data encryption to the cloud server, and simultaneously sends the keyword ciphertext and the access control strategy to other edge nodes.
Step three, a transaction generation phase: the edge server sends a request for entrusting transaction, and each node in the consensus network responds to become an entrusting computing node. The edge node then generates a transaction and broadcasts the transaction to other nodes in the blockchain network.
Step four, a trapdoor generation stage: the user generates a search trapdoor according to the keyword which the user wants to search.
Step five, a searching stage: after receiving the trapdoor sent by the user, the edge server firstly checks whether the trapdoor meets the access control matrix, if the attribute set is verified not to meet the access control matrix, the process is stopped, otherwise, the process is continued. And if the access control matrix is met, checking whether the corresponding data is contained, if so, acquiring the corresponding data from the cloud server, and otherwise, returning to 0.
Step six, a decryption stage: and when the submitted trapdoor meets the access control strategy, the secret value is cooperatively calculated by multiple parties of each node in the block chain. And the final private key decryption is obtained, and then the data is returned to the corresponding data user.
In the aforementioned fine-grained access control method based on the block chain in the cloud-edge collaborative environment, in the first step, the specific steps in the system initialization stage are as follows:
the AC selects the attribute set Atts as input. AC selects a bilinear pair e G 0 ×G 0 →G 1 Wherein G is 0 、G 1 Is a group of order q, g 0 、g 1 Is its generator. Selecting a secure hash function H:randomly selecting a, alpha, K, K,Where K is a symmetric key, generating a system public keyPartial private key SK 1 =(K 1 ,K 2 ) Wherein SK (phase Shift keying) transmitter 1 To the DU. Generating partial private Key SK 2 =(K x ,K 3 ) WhereinWhere x ∈ Atts, sends SK 2 To the EU. Generating the global parameter GP = (a, H, g) 0 ,g 1 ,G 0 ,G 1 )。
In the above fine-grained access control method based on the block chain in the cloud-edge collaborative environment, in the second step, the specific steps in the encryption stage are as follows:
the DO formulates an access control policy (M, rho), uploads (M, rho) and data F to the corresponding edge server, wherein rho represents a row-specific attribute, and M is an M x n matrix. EU random selectionRandomly selecting w-1 elements a i Generating a polynomial f (x) = s + a of degree w-1 1 x+…+a w-1 x w-1 . Then calculate sub i =f(x i ). S is divided into n parts, and the threshold value is w. Then randomly selecting a vectorAndcalculating out Then calculateSimultaneously randomly selecting beta,Computing keyword ciphertext WhereinAnd sending the key word ciphertext and the access control strategy to other edge nodes. And uploading the encrypted data generation ciphertext CT = F PK to the cloud server.
In the above fine-grained access control method based on a block chain in a cloud-edge collaborative environment, in the third step, the specific steps in the transaction generation phase are as follows:
EU sends out request for entrusting calculation, and each node of the consensus network responds to become an entrusting calculation node, and then gamma generated is used i Generating a transaction TS = { CNaddr, E (gamma) after encryption by using public keys of all nodes in a block chain j ),τ j Where CNaddr represents the list of addresses of the delegated compute node in the network, τ j Is a variable of definitionEU broadcasts the transaction to other nodes in the block chain network, and the entrusting node acquires gamma from the transaction i Then, the product is stored.
In the above fine-grained access control method based on the block chain in the cloud-edge collaborative environment, in the fourth step, the specific steps in the trapdoor generation stage are as follows:
DU is first randomly selected according to the keyword w' desired to be searchedGeneratingWherein Random selection of R c ∈G 0 Further randomization produces T 2 =SK 1 ·R c Submission of T w =(T 1 ,T 2 )。
In the above fine-grained access control method based on the block chain in the cloud-edge collaborative environment, in the fifth step, the specific steps in the search stage are as follows:
EU receives DU to search trapdoor T w And then, firstly checking whether the access control matrix M is satisfied, if the attribute set Atts is not satisfied with the access matrix M, stopping the process, otherwise, continuing the process. According to the satisfied access control matrix M, then obtaining a symmetric key K, and continuing to perform on the received trapdoor T w Calculating T 1 ×C 1 =C 2 And if so, acquiring corresponding data CT from the cloud server, otherwise, returning to 0.
The correctness is as follows:
if w = w', the equation holds.
In the foregoing fine-grained access control method based on a block chain in a cloud-edge collaborative environment, in the sixth step, the specific steps in the decryption stage are:
when the committed trapdoor satisfies the access control matrix M, the block chain has gamma j Node application calculation when threshold w nodes apply, multi-party collaboratively calculates s.
WhereinAnd then returns s to the corresponding EU. And after the final private key is obtained, decrypting and returning the data F to the corresponding data user.
The decryption process is as follows:
and finally, returning the data F desired by the user to the corresponding data user.
The invention has the beneficial effects that:
1. the invention provides a block chain-based fine-grained access control scheme in a cloud edge collaborative environment. The scheme comprises a data owner, an edge server, a block chain, an authority center, a cloud server and a data user. Further detailed definitions of the correlation algorithms are given according to the system model. In the model, after an authority center generates all initial test parameters and distributes corresponding keys to corresponding entities, a data owner can cooperate with a corresponding credible edge server, then the edge server encrypts data and related keywords, then uploads ciphertext to a cloud server, and the ciphertext keywords are distributed to other edge servers so as to be convenient for data users to inquire. If a legal data user wants to search related data according to corresponding keywords, a trapdoor can be generated according to the keywords and part of keys which want to be searched, the trapdoor is sent to a corresponding edge server, and then the edge server completes searching through the trapdoor and obtains a final key. And finally, matching corresponding data and meeting access control, returning a corresponding ciphertext from the cloud server, and finally decrypting and returning the ciphertext to the data user.
2. In the invention, under the cloud edge collaborative environment, the safe multi-party calculation of the block chain consensus network is realized by utilizing the threshold secret sharing technology, the generation of multiple authorization mechanisms of the private key is realized, and the safety and the privacy of the private key are effectively protected.
3. According to the invention, under the cloud-side collaborative environment, the edge server is used for encryption, decryption and search operation, so that the computing overhead of a user is effectively reduced.
Drawings
In order to more clearly illustrate the present invention, a system model diagram will be attached below.
FIG. 1 is a flow chart of the present invention.
FIG. 2 is a diagram of a system model according to the present invention.
Detailed Description
The invention is further described below with reference to the figures and examples.
As shown in fig. 2, fig. 2 is a system model, a cloud server is defined as a "honest and curious" semi-trusted entity, and an edge server is defined as a trusted entity.
As shown in fig. 1, a block chain-based fine-grained access control method in a cloud-edge collaborative environment mainly includes five stages: the method comprises the following steps of initialization, encryption, transaction generation, trapdoor generation and search; and (5) a decryption stage. The detailed steps are as follows:
the method comprises the following steps: an initialization stage:
the specific steps of the system initialization stage are as follows:
the AC selects the attribute set Atts as input. AC selects a bilinear pair e: G 0 ×G 0 →G 1 Wherein G is 0 、G 1 Is a group of order q, g 0 、g 1 Is its generator. Selecting a secure hash function H:randomly selecting a, alpha, K, K,Where K is a symmetric key, generating a system public keyPartial private key SK 1 =(K 1 ,K 2 ) In which SK transmitter 1 To the DU. Generating a partial private key SK 2 =(K x ,K 3 ) In whichWhere x ∈ Atts, send SK 2 To the EU. Generating the global parameter GP = (a, H, g) 0 ,g 1 ,G 0 ,G 1 )。
Step two: and (3) an encryption stage:
the encryption stage comprises the following specific steps:
the DO formulates an access control policy (M, rho), uploads (M, rho) and data F to the corresponding edge server, wherein rho represents a row-specific attribute, and M is an M x n matrix. EU random selectionRandomly selecting w-1 elements a i Generating a polynomial f (x) = s + a of degree w-1 1 x+…+a w-1 x w-1 . Then calculate sub i =f(x i ). And dividing s into n parts, wherein the threshold value is w. Then randomly selecting a vectorAndcomputing Then calculateSimultaneously randomly selecting beta,Computing keyword ciphertext WhereinAnd sending the key word ciphertext and the access control strategy to other edge nodes. And uploading the encrypted data generation ciphertext CT = F PK to the cloud server.
Step three: a transaction generation phase:
the transaction generation phase comprises the following specific steps:
EU sends out request for requesting computation, each node of the consensus network responds as a request computation node, and then gamma generated is used i Generating a transaction TS = { CNaddr, E (gamma) after encryption by using public keys of all nodes in a block chain j ),τ j Where CNaddr represents the list of addresses of the delegated compute node in the network, τ j Is a variable of definitionEU broadcasts the transaction to other nodes in the block chain network, and the entrusting node acquires gamma from the transaction i Then, the product is stored.
Step four: a trapdoor generation stage:
the specific steps of the generation stage of the trap are as follows:
DU is first randomly selected according to the keyword w' desired to be searchedGeneratingWherein Random selection of R c ∈G 0 Further randomization generates T 2 =SK 1 ·R c Submission of T w =(T 1 ,T 2 )。
Step five: a searching stage:
the specific steps in the search stage are as follows:
EU receives DU to search trap door T w And then, firstly, checking whether the access control matrix M is satisfied, if the attribute set Atts is verified not to satisfy the access matrix M, stopping the process, and if not, continuing the process. According to the satisfied access control matrix M, then obtaining a symmetric key K, and continuing to perform access control on the received trapdoor T w Calculating T 1 ×C 1 =C 2 And if so, acquiring corresponding data CT from the cloud server, otherwise, returning to 0.
The correctness is as follows:
if w = w', the equation holds.
Step six: and a decryption stage:
the specific steps of the decryption stage are as follows:
when the committed trapdoor satisfies the access control matrix M, the block chain has gamma j Node application calculation when threshold w nodes apply, multi-party collaboratively calculates s.
WhereinAnd then returns s to the corresponding EU. And after the final private key is obtained, decrypting and returning the data F to the corresponding data user.
The decryption process is as follows:
and finally, returning the data F wanted by the user to the corresponding data user.
Claims (7)
1. A block chain-based fine-grained access control method in a cloud edge collaborative environment is characterized by comprising the following steps:
step one, an initialization stage;
step two, an encryption stage: the data owner formulates an access control strategy, uploads the access control strategy and corresponding data to a corresponding edge server, then the edge server encrypts and uploads the data to a cloud server, and simultaneously sends a keyword ciphertext and the access control strategy to other edge nodes;
step three, a transaction generation phase: the edge server sends a request for entrusting the transaction, each node in the consensus network responds to become an entrusting computing node, and then the edge node generates a transaction and broadcasts the transaction to other nodes in the block chain network;
step four, a trapdoor generation stage: a user generates a search trapdoor according to a keyword which is required to be searched;
step five, a searching stage: after receiving the trapdoor sent by the user, the edge server firstly checks whether the trapdoor meets the access control matrix, if the attribute set does not meet the access control matrix, the process is stopped, otherwise, the execution is continued; if the access control matrix is met, checking whether corresponding data are contained, if so, acquiring the corresponding data from the cloud server, and otherwise, returning to 0;
step six, a decryption stage: and when the submitted trapdoor meets the access control strategy, the nodes in the block chain cooperate with each other in multiple ways to calculate a secret value, obtain the final private key decryption, and then return the data to the corresponding data user.
2. The method for fine-grained access control based on a block chain in a cloud-edge collaborative environment according to claim 1, wherein in the first step, the specific steps of a system initialization stage are as follows:
AC selects attribute set Atts as input, AC selects a bilinear pair e: G 0 ×G 0 →G 1 Wherein G is 0 、G 1 Is a group of order q, g 0 、g 1 Is the generator, selects the secure hash function H:randomly selecting a, alpha, K, K,Wherein K is a pairCalled a secret key, to generate a system public keyPartial private key SK 1 =(K 1 ,K 2 ) Wherein SK transmitter 1 For DU, a partial private key SK is generated 2 =(K x ,K 3 ) WhereinWhere x ∈ Atts, send SK 2 For EU, global parameter GP = (a, H, g) is generated 0 ,g 1 ,G 0 ,G 1 )。
3. The method for fine-grained access control based on the block chain in the cloud-edge collaborative environment according to claim 2, wherein in the second step, the specific steps in the encryption stage are as follows:
DO establishes an access control strategy (M, rho), uploads (M, rho) and uploads data F to a corresponding edge server, wherein rho represents a row specification attribute, M is an M multiplied by n matrix, and EU randomly selectsRandomly selecting w-1 elements a i Generating a polynomial f (x) = s + a of degree w-1 1 x+…+a w-1 x w-1 Then calculate sub i =f(x i ) Dividing s into n parts with threshold value of w, and randomly selecting a vectorAndcomputing Then calculateSimultaneously randomly selecting beta,Computing keyword ciphertext WhereinAnd sending the key word ciphertext and the access control strategy to other edge nodes, and uploading the encrypted data generation ciphertext CT = F PK to the cloud server.
4. The fine-grained access control method based on a block chain in a cloud-edge collaborative environment according to claim 3, wherein in the third step, the specific steps in the transaction generation phase are:
EU sends out request for requesting computation, each node of the consensus network responds as a request computation node, and then gamma generated is used i Generating a transaction TS = { CNaddr, E (gamma) after encryption by using public keys of all nodes in a block chain j ),τ j Where CNaddr represents the list of addresses of the delegated compute node in the network, τ j Is a variable of definitionEU broadcasts the transaction to other nodes in the blockchain networkPoint, delegate node gets γ from transaction i Then, the product is stored.
5. The fine-grained access control method based on the block chain in the cloud-edge collaborative environment according to claim 4, wherein in the fourth step, the specific steps in the trapdoor generation stage are as follows:
6. The fine-grained access control method based on the block chain in the cloud-edge collaborative environment according to claim 5, wherein in the fifth step, the specific steps in the search phase are:
EU receives DU to search trap door T w Then, firstly checking whether the access control matrix M is met, if the attribute set Atts is verified not to meet the access matrix M, stopping the process, otherwise, continuing the program, acquiring a symmetric key K according to the met access control matrix M, and continuing to perform the operation of the received trapdoor T w Calculating T 1 ×C 1 =C 2 If the data CT is not true, acquiring corresponding data CT from the cloud server, otherwise returning to 0,
the correctness is as follows:
if w = w', the equation holds.
7. The fine-grained access control method based on the block chain in the cloud edge collaborative environment according to claim 6, wherein in the sixth step, the specific steps in the ciphertext decryption stage are as follows:
when the submitted trapdoor meets the access control matrix M, the block chain has gamma j nodes to apply for calculation, when w nodes apply for calculation, the multi-party calculates s cooperatively,
whereinThen returning s to corresponding EU to obtain final private key, decrypting and returning data F to corresponding data user,
the decryption process is as follows:
and finally, returning the data F wanted by the user to the corresponding data user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211116020.6A CN115484095B (en) | 2022-09-14 | 2022-09-14 | Fine granularity access control method based on blockchain in cloud-edge cooperative environment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211116020.6A CN115484095B (en) | 2022-09-14 | 2022-09-14 | Fine granularity access control method based on blockchain in cloud-edge cooperative environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115484095A true CN115484095A (en) | 2022-12-16 |
CN115484095B CN115484095B (en) | 2024-05-07 |
Family
ID=84392491
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211116020.6A Active CN115484095B (en) | 2022-09-14 | 2022-09-14 | Fine granularity access control method based on blockchain in cloud-edge cooperative environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115484095B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111556495A (en) * | 2020-03-19 | 2020-08-18 | 西安电子科技大学 | Multi-user searchable encryption method and encryption system in Internet of vehicles environment |
CN112543099A (en) * | 2020-11-25 | 2021-03-23 | 南京邮电大学 | Certificateless searchable encryption method based on edge calculation |
US20210096911A1 (en) * | 2020-08-17 | 2021-04-01 | Essence Information Technology Co., Ltd | Fine granularity real-time supervision system based on edge computing |
WO2022007889A1 (en) * | 2020-07-08 | 2022-01-13 | 浙江工商大学 | Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption |
CN114398650A (en) * | 2021-12-16 | 2022-04-26 | 西安电子科技大学 | Searchable encryption system and method supporting multi-keyword subset retrieval |
CN114640458A (en) * | 2022-03-28 | 2022-06-17 | 湖南科技大学 | Fine-grained multi-user secure searchable encryption method in cloud-edge collaborative environment |
-
2022
- 2022-09-14 CN CN202211116020.6A patent/CN115484095B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111556495A (en) * | 2020-03-19 | 2020-08-18 | 西安电子科技大学 | Multi-user searchable encryption method and encryption system in Internet of vehicles environment |
WO2022007889A1 (en) * | 2020-07-08 | 2022-01-13 | 浙江工商大学 | Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption |
US20210096911A1 (en) * | 2020-08-17 | 2021-04-01 | Essence Information Technology Co., Ltd | Fine granularity real-time supervision system based on edge computing |
CN112543099A (en) * | 2020-11-25 | 2021-03-23 | 南京邮电大学 | Certificateless searchable encryption method based on edge calculation |
CN114398650A (en) * | 2021-12-16 | 2022-04-26 | 西安电子科技大学 | Searchable encryption system and method supporting multi-keyword subset retrieval |
CN114640458A (en) * | 2022-03-28 | 2022-06-17 | 湖南科技大学 | Fine-grained multi-user secure searchable encryption method in cloud-edge collaborative environment |
Non-Patent Citations (4)
Title |
---|
BURAK KALECI: "Plane Segmentation of Point Cloud Data Using Split and Merge Based Method", 《2019 3RD INTERNATIONAL SYMPOSIUM ON MULTIDISCIPLINARY STUDIES AND INNOVATIVE TECHNOLOGIES (ISMSIT)》, 16 December 2019 (2019-12-16) * |
张强: "基于多边缘服务器的个性化搜索隐私保护方法", 《通信学报》, 25 February 2019 (2019-02-25) * |
李晓蓉;宋子夜;任婧怡;徐磊;许春根;: "云计算中基于属性的可搜索加密电子病历系统", 计算机科学, no. 2, 15 November 2017 (2017-11-15) * |
王汝言;刘宇哲;张普宁;亢旭源;李学芳;: "面向物联网的边云协同实体搜索方法", 计算机工程, no. 08, 15 August 2020 (2020-08-15) * |
Also Published As
Publication number | Publication date |
---|---|
CN115484095B (en) | 2024-05-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11973889B2 (en) | Searchable encrypted data sharing method and system based on blockchain and homomorphic encryption | |
CN110474893B (en) | Heterogeneous cross-trust domain secret data secure sharing method and system | |
Zhang et al. | Data security and privacy-preserving in edge computing paradigm: Survey and open issues | |
Li et al. | Full verifiability for outsourced decryption in attribute based encryption | |
Zhang et al. | Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing | |
Li et al. | Searchable ciphertext‐policy attribute‐based encryption with revocation in cloud storage | |
Wang et al. | Verifiable and multi-keyword searchable attribute-based encryption scheme for cloud storage | |
Li et al. | Attribute-based keyword search and data access control in cloud | |
Chenam et al. | A designated cloud server-based multi-user certificateless public key authenticated encryption with conjunctive keyword search against IKGA | |
Wang et al. | Secure channel free id-based searchable encryption for peer-to-peer group | |
CN110933033A (en) | Cross-domain access control method for multiple Internet of things domains in smart city environment | |
Qiu et al. | Identity-based private matching over outsourced encrypted datasets | |
Baseri et al. | Privacy preserving fine-grained location-based access control for mobile cloud | |
Liu et al. | EMK-ABSE: Efficient multikeyword attribute-based searchable encryption scheme through cloud-edge coordination | |
Zhang et al. | Time and attribute based dual access control and data integrity verifiable scheme in cloud computing applications | |
Wang et al. | Ks-abeswet: A keyword searchable attribute-based encryption scheme with equality test in the internet of things | |
CN114697042A (en) | Block chain-based Internet of things security data sharing proxy re-encryption method | |
CN115834067A (en) | Ciphertext data sharing method in edge cloud collaborative scene | |
Cui et al. | Towards Multi-User, Secure, and Verifiable $ k $ NN Query in Cloud Database | |
Ren et al. | Decentralized multi-authority attribute-based searchable encryption scheme | |
Yan et al. | Secure and efficient big data deduplication in fog computing | |
CN116545741A (en) | Agent re-encryption reverse firewall method based on blockchain | |
Wu et al. | Efficient access control with traceability and user revocation in IoT | |
Hu et al. | Public-key encryption with keyword search via obfuscation | |
Tian et al. | Hierarchical authority based weighted attribute encryption scheme |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |