KR101220160B1 - Secure data management method based on proxy re-encryption in mobile cloud environment - Google Patents

Abstract

PURPOSE: A data management method in a mobile cloud environment based on safe proxy encryption is provided to protect data by setting a high threshold value proportional to data having high sensitivity. CONSTITUTION: A data owner generates a public key and a master key by using a security parameter and a system universe(101). The data owner encrypts files to generate a new file before transmitting the files to a CSP(Cloud Service Provider)(102). The data owner allocates an access structure of a user(103). The data owner outputs a redefined proxy reencryption key by updating components of the public key and the master key(104). A right manager decodes a password matched with a private key of the user(105). The CSP deletes data(106). [Reference numerals] (101) System setup; (102) File encryption; (103) New user permission(W,P); (104) User recantation; (105) File accessor; (106) File deletion

Description

Secure Data Management method based on Proxy Re-Encryption in Mobile Cloud Environment}

The present invention relates to a secure proxy re-encryption based data management method in a mobile cloud environment that can provide confidentiality of data stored in a cloud server.

Cloud computing, which provides computing resources as a service over the Internet, is a new computing paradigm that is attracting attention from academia and industry. Such cloud computing services are expected to expand into the mobile business area. Recently, a new service trend called mobile cloud, a cloud computing service based on mobile devices such as smartphones, is emerging due to the improvement of wireless devices and the development of networks.

Research firms report that by 2014, cloud computing will be used primarily for mobile services. Mobile cloud is a combination of cloud computing technology and mobile services. In other words, the mobile cloud service uses the cloud service through all mobile devices (smartphone, notebook, PDA, etc.). An example is the mobile office service provided by Sonr. Sunnal provides a mobile office service that allows you to view, backup, and print office files such as PowerPoint files on your iPhone without a separate office program. When the service user installs the mobile cloud application on the mobile terminal, the result of executing the cloud server through the remote user interface technology can be confirmed.

Currently, the commercialized mobile cloud service provides simple data access, backup, synchronization, etc., but in the future, anytime, anywhere access to the Internet will create a computing environment that can receive anything as service from cloud operators. . Taking the medical environment as an example, doctors can be provided with services that enable them to conduct care for their patients anytime, anywhere, and not just at the hospital, but also outside the workplace. In addition to searching and viewing the specific patient's medical records with his mobile device, the patient's medical records can be provided with an analytical service that detects abnormal signs of a specific disease without installing a separate tool. In addition, mobile cloud services retain the characteristics of cloud computing, such as paying as you go and self-provisioning resources for flexible and rapid allocation of computing resources. It is expected that the sharing and utilization of computing resources as services rather than physically owning them will be provided in various application areas as well as medical environments because they are more efficient in terms of maintenance and maintenance.

However, despite these useful features, there are a number of risks to consider in order to introduce and utilize mobile cloud computing into existing business environments. In particular, it is important to maintain the confidentiality of medical data because medical data deals with sensitive information that may invade a person's privacy.

On the other hand, not only the confidentiality of data, but also the fine-grained access control according to the user's property when the information is viewed, for example, the data access right according to each user's property such as the position of president, manager, manager, etc. Should be. In addition, there should be a function to revoke the authority to view a specific user's data. For example, if a user expires on the service on December 1, 2010, there is a need for a method to efficiently remove a user who is withdrawn from the system.

Examples of such methods are described in S.C. Yu, C. Wang, K.I. Ren and W.J. Published by Proceedings IEEE, pp. 321-334, 2010, entitled "Achieving Secure, Scalable, and Fine-Grained Data Access Control in Cloud Computing," by Lou. In this paper, KP-ABE (Key Policy-Attribute Based Encryption) is used to ensure data confidentiality and flexible access control, and PRE (Proxy Re-Encryption) is used to specify a method of delegating tasks to cloud servers. It solves the problem of calculation overload such as key generation according to user's use. It also suggests ways to withdraw a particular user from the system.

However, the method proposed in the paper enables illegal data access (e.g., access to expired user's data) through collusion between the withdrawn user and the cloud server. In addition, since there is a lack of a privilege management function, which is a procedure for determining and approving an access right for a legitimate user, there is a problem of user rights management for information sharing and utilization.

Accordingly, the present invention was created in view of the above circumstances, and an object of the present invention is to provide a secure proxy re-encryption based data management method in a mobile cloud environment that can provide confidentiality of data stored in a cloud server.

A method for secure proxy re-encryption based data management in a mobile cloud environment according to the present invention for achieving the above object comprises the steps of: a) a data owner generating a public key and a master key using a system universe and security parameters; b) the data owner signing the public key and sending the signed public key to a rights manager; And c) selecting an ID of the data file to be created by the data owner, randomly selecting a symmetric data encryption key in a key space and encrypting the data file using the encryption key to generate the body of the data file to be created. Generate and store the body in a cloud service provider (CSP), define a property set for the data file and encrypt the encryption key in a KP-ABE manner to generate a header of the data file to be generated; Providing a header of a data file to the rights manager.

The method further comprises: d) if a new user wants to join the system, the data owner assigns an access structure of the new user and generates a secret key based on the access structure and the master key; e) encrypting the access structure, secret key, public key and signature with the new user's public key; f) sending the signature encrypted by step e), an access structure excluding the dummy attribute and the signature to the rights manager; g) the rights manager verifies that the encrypted keys, the dummy attribute excludes the access structure and the signature of the data owner upon receipt of the signature, and stores the access structure excludes the dummy attribute in the system user list; Delivering the encrypted keys to the new user; And h) the new user who has received the encrypted keys to the new user decrypts the encrypted keys with his private key, checks that the signature is correct and accepts the access structure, secret key and public key as his own. Is characterized in that it further comprises a step.

The method may include: i) when revoking the right to view a data of a specific user, when the data owner is updated with the components of the master key and the public key, the components of the master key and the public key are redefined as proxy updates. The method may further include generating an encryption key.

delete

The method further includes j) when the user accesses data, the authority manager determines the access authority of the user, and accordingly acquires a cipher text that matches the user's secret key.

delete

The method includes: k) the data owner attaches his signature to the ID of the file to be deleted and sends it to the rights manager group to delete the data file of the CSP, if the signature is verified and proved legitimate; The administrator group may further include deleting the data from the CSP by requesting to delete the data stored in the CSP.

According to the present invention, the confidentiality of data is ensured by separating the header and the body of the file. In the conventional method, if the cloud server has the authority related to decryption such as the ciphertext and the encrypted key (header and body), the present invention manages the key (header) by setting up a trusted authority called a group of authority managers, and the cloud server uses the ciphertext. Distribute privileges by keeping only (body) It also introduces Secret Sharing to provide data access rights management method suitable for mobile cloud computing environment. In particular, secret variance allows the data owner to determine the threshold, which is the number of shares to restore the data, and the higher the sensitivity (the level of information that could compromise privacy), the higher the threshold to protect the data. Can be.

1 is a flowchart illustrating a method for secure proxy re-encryption based data management in a mobile cloud environment of the present invention.
2 is a diagram illustrating the structure of a file generated by a method for secure proxy re-encryption based data management in a mobile cloud environment of the present invention.
3 is a diagram illustrating an example of a medical system to which a secure proxy re-encryption based data management method is applied in a mobile cloud environment of the present invention.

Hereinafter, embodiments and examples of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

It should be understood, however, that the present invention may be embodied in many different forms and is not limited to the embodiments and examples described herein. In the drawings, the same reference numbers are used throughout the specification to refer to the same or like parts.

Throughout this specification, when an element is referred to as "comprising ", it means that it can include other elements as well, without departing from the other elements unless specifically stated otherwise.

을

방식으로 분할하여 각 쉐어

(

) 을 권한 관리자 그룹에게 전송한다. 권한 관리자 그룹은 피위임자가 데이터를 열람하고자 할 때 사용자의 권한이 정당하다면 프록시 재암호화키 쉐어

를

개만큼 모아서

을 재구성하고 정당하지 않다면 연산을 중지한다.In the mobile cloud environment of the present invention, the secure proxy re-encryption-based data management method divides the data file stored in the cloud server into a header and a body and stores the data files distributed to the authority manager group and the cloud operator, respectively. In the header, the secret key used to encrypt the message in the body is encrypted with KP-ABE. If the user is not authorized by the authority manager group, the user cannot obtain the secret key information in the header, and the user cannot actually decrypt the body containing the message that the user wants to obtain. In other words, the data files stored in the cloud server are divided and stored in headers and bodies to ensure confidentiality of the data. In addition, the authority manager group is placed in the cloud to determine the justification for user access. To specify these features, we use secret distribution and type-based proxy re-encryption. The proxy re-encryption key

of

Split each way to share

(

) Is sent to the privilege manager group. The privilege manager group shares the proxy re-encryption key if the user's rights are justified when the delegate wants to view the data.

To

Collect as many as

Reconstruct and stop the operation if it is not justified.

Hereinafter, a secure proxy re-encryption based data management method in the mobile cloud environment of the present invention described above with reference to FIG. 1 will be described in more detail.

In the present exemplary embodiment, four components, a data owner, a privilege manager group, a cloud service provider (CSP), and a user group, will be described as an example. Those skilled in the art will appreciate that components may be added as needed.

Table 1 below shows the description of the symbols used in the present embodiment.

Symbol Explanation

System Public and Master Keys

property

Public key component for

property

Master key component for

User secret key

property

User secret key component

property

Ciphertext components for

Attribute set assigned to the data file

data

Secret key used to encrypt password

User access structure

Set of attributes that make up the leaf node

Dummy attribute

System user list

property

Attribute history list for

Current version of the property

Updated in

Proxy re-encryption key to update the attribute with

Of the owner of the data on the tablet

와 보안 파라메터

를 입력하여

와

(

) 를 출력한다(101). 이를 상세히 설명하면 다음과 같다. First, in step 101, the data owner is a system universe

With security parameters

By typing

Wow

(

) Is output (101). This will be described in detail as follows.

를 가지는 소수 위수

의 쌍선형 그룹(bilinear group)

과 쌍선형 사상

를 정의하고,

(

), 속성

에 대한

,

(

,

) 를 생성하여, 시스템 공개키

와 시스템 마스터키

를 생성하고

에 서명을 덧붙인 (

,

) 를 권한 관리자에게 전송한다.Constructor

Fractional degrees with

Bilinear group of

And bilinear mapping

Define the

(

), property

For

,

(

,

), The system public key

And system master key

Create

With signature on (

,

) Is sent to the privilege manager.

Subsequently, in step 102, the data owner encrypts the file to create a new file as shown in FIG. 2 before transmitting the file to the Cloud Service Provider (CSP).

를 선택하고,

라는 키 공간에서 대칭(symmetric) 데이터 암호 키

를 임의로 선택하고 암호 키

를 이용해서 데이터 파일을 암호화하여 새로운 파일의 바디(

) 를 생성 및 출력한다. 이어, 데이터 파일에 대한 속성 집합

를 정의하고 암호 키

를 KP-ABE 방식으로 암호화하여 새로운 파일의 헤더((

)

)를 생성한다. 이어, 도 2에 도시된 바와 같은 형식으로 상기 헤더는 권한 관리자, 바디는 CSP에 저장에 저장한다.In other words, the data owner is responsible for the data file.

Select the

Data encryption key in a key space called

Randomly select a passkey

To encrypt the data file so that the body of the new file (

Create and print). Then, a set of properties for the data file

Define an encryption key

Is encrypted using KP-ABE, so that the header of the new file ((

)

) Subsequently, in the format as shown in FIG. 2, the header is stored in the authority manager and the body is stored in the CSP.

가 시스템에 참가하길 원할 때, 데이터 소유자가 접근 구조와 사용자

의 접근 구조

를 할당하게 된다(103). 이를 위해, 데이터 소유자는 접근 구조

의 각 노드

에 대한

를 정의하며, 접근구조

의 루트 노드(root node)는

, 잎 노드(leaf node)는

로 정의하고 비밀 키

(

)를 생성한다(

). 상기 접근 구조의 첫 번째 게이트(Gate)는 논리 합 게이트(AND Gate)로 시작하고 더미 속성(Dummy attribute)

를 추가한 후,

를 사용자

의 공개 키로 암호화하고 암호화 결과를

로 표시한다. 이어,

를 권한 관리자에게 전송(

는 접근구조

의 더미 속성을 제외한 접근구조)하고, 이에 따라 권한 관리자는

를 받는 즉시

가 맞는지 확인한 다음 시스템 사용자 리스트

에

를 저장하고 사용자

에게 상기

를 전달한다. 이어, 사용자

는

를 자신의 비밀 키로 복호한 후,

가 맞는지 확인하고

를 자신의 것으로 받아들이게 된다.Then, in step 103, the new user

When the user wants to participate in the system, the data owner must

Access structure

(103). For this purpose, data owners have access structures

Each node in

For

Defines the access structure

The root node of

, Leaf nodes are

Defined as a secret key

(

)

). The first gate of the access structure starts with a AND gate and a dummy attribute.

After adding

User

Encrypt with the public key of

To be displayed. Following,

Send to Authorization Manager (

Access structure

Access structure, except for dummy properties)

Upon receipt of

System user list

on

Save the user

Remind me

To pass. Followed by

The

After decrypting with your secret key,

Is correct

Will be accepted as your own.

의 데이터 열람 권한을 철회하고자 하는 경우, 데이터 소유자는 시스템 마스터 키와 공개 키의 콤포넌트가 업데이트됨에 따라 재정의된 프록시 재암호화 키를 출력한다(104). 즉, 접근 구조의 CNF(Conjunctive Normal Form)을 설계하고 최소한의 속성 집합이 있을 때, CNF 형태의 짧은 절에서 속성 집합

를 선택(

) 한 후, 데이터 소유자는

를 선택하고

와

을

방식으로 분할하여 각 쉐어

(

) 을 계산한다(

). 이어,

과

(

) 을 권한 관리자에게 전송하며, 권한 관리자는 시스템 사용자 리스트

에서 사용자

를 제거한 후,

를 저장하고 속성

의 히스토리 리스트

에

을 추가한다.Meanwhile, the user

If the user wants to revoke the data viewing right, the data owner outputs the redefined proxy re-encryption key as the components of the system master key and public key are updated (104). In other words, when designing the CNF (Conjunctive Normal Form) of the access structure and there is a minimum set of attributes, the attribute set in the short clause of the CNF form

Select (

), Then the data owner

Select

Wow

of

Split each way to share

(

Calculate

). Following,

and

(

) Is sent to the authorization manager, which is a list of system users.

From

After removing

Save the properties

History list

on

Add

가 데이터을 액세스하고 하는 경우, 권한 관리자는 사용자

의 접근권한을 판별한 후, 그 결과에 따라 사용자

의 비밀 키에 맞는 암호문을 습득하고 습득된 암호문을 복호화한다(105). 즉, 사용자

가 데이터에 대한 접근 요구

를 생성하여 권한 관리자에게 전송하면, 권한 관리자는

에서 사용자

를 확인하고

방식으로 분할된 각 쉐어

(

) 를

개 모아서

방식으로

로 재구성한다(

). 이 때,

에 사용자

가 없다면 이하의 모든 연산은 중지하게 된다. 이어, 권한 관리자는

에서 모든 프록시 재암호화키를 검색(

가 최신 버전이라면 연산을 수행하지 않음. 가장 최근의

는

이라고 가정)한 후, 검색된 프록시 재암호화키로

를 계산하여

으로 계산(

).

를 계산하여 CSP에

와

를 전송하면

을 계산한다(

). 이어, 권한관리자와 CSP는

,

를 복호를 위해 사용자

에게 전송하게 되며, 사용자

는

와

를 확인하고

안의

를

로 대체하고 각 잎 노드에 대한

를 계산한다. 이 때, 논리 곱 게이트와 논리 합 게이트의 연산을 통해서

를 계산하며, 헤더의

를

로 계산(

) 한 후, 바디의

을

로 계산하여 데이터 획득하게 된다(

).Then in step 105, the user

If the user is accessing data, the privilege manager

After determining the access right of the user,

The ciphertext that matches the secret key is acquired and the obtained ciphertext is decrypted (105). That is, the user

Requests access to data

If you create a file and send it to the privilege manager, the privilege manager

From

Check

Each share split in a way

(

)

Collect Dog

In a way

Reconfigure

). At this time,

User on

If no, all of the following operations are suspended. Next, the privilege manager

Retrieve all proxy re-encryption keys from

Does not perform operation if is a newer version. Most recent

The

), And then re-encrypt

By calculating

Calculated by

).

Calculate your CSP

Wow

If you send

Calculate

). Next, the authority manager and CSP

,

User to decrypt

Will be sent to

The

Wow

Check

in

To

For each leaf node

. At this time, the operation of the logical product gate and the logical sum gate

In the header,

To

Calculate as

A) after the body

of

The data is obtained by calculating

).

에 자신의 서명을 첨부하여 권한 관리자 그룹에게 전송한다. 그러면 권한 관리자 그룹은 서명을 확인하여 정당성이 입증되면 CSP에 저장된 데이터를 삭제할 것을 요구하고 CSP는 데이터를 삭제하게 된다(106).In addition, if the data owner wants to delete the data file of the CSP, the data owner must

Attach your signature to the authority manager group. The authority manager group then verifies the signature and, if justified, requires that the data stored in the CSP be deleted and the CSP deletes the data (106).

Those skilled in the art will appreciate that the secure proxy re-encryption based data management method in the mobile cloud environment according to the present invention can be variously applied.

For example, FIG. 3 is a diagram illustrating a medical system to which a secure proxy re-encryption based data management method is applied in a mobile cloud environment of the present invention.

3 is described under the following scenario.

A patient with high blood pressure (a delegate) fell overworked and was hospitalized. After hospitalization, the patient sets the type information for the user group (medical staff, insurance company, research institute, etc.) according to the patient's credibility, and the medical records for the patient are encrypted in the medical center (data owner) and stored in the CSP. The delegate wants to read the patient's medical records through the smartphone to prepare for an emergency. In this regard, the authority manager group is composed of scenarios in which the primary care physician's access to data is justified and, if appropriate, the access is approved.

알고리즘을 이용해서 공개키

와 마스터키

를 생성한다.

알고리즘으로 환자의 진료 기록

을

로 암호화한

과

알고리즘으로

를 암호화한

를 각각 CSP(203)와 권한 관리자 그룹(202)에게 전송한다. 그리고 권한 관리자 그룹(202)이 사용자 접근의 정당성을 판별하는 권한을 행사하기 위해서 프록시 재암호화키

을

방식으로 권한 관리자의 수(

명)만큼 분할한 쉐어

를 권한 관리자 그룹(202)에게 전송한다.First, the medical center 201

Public key using algorithm

And master key

.

Patient's medical record with algorithm

of

Encrypted with

and

Algorithmically

Encrypted

Are transmitted to the CSP 203 and the authority manager group 202, respectively. And the proxy re-encryption key in order for the authority manager group 202 to exercise the authority to determine the legitimacy of user access.

of

Number of privilege managers

Share divided by person)

Is transmitted to the authority manager group 202.

를 권한 관리자 그룹(202)에게 전송한다.Subsequently, a mobile application installed on the smartphone of the attending physician (user group: 204) requesting access to the patient's medical record.

Is transmitted to the authority manager group 202.

에서 주치의(204)를 확인하고

알고리즘으로 설정된 임계값

개만큼의 쉐어로 재구성한 프록시 재암호화키

과

를 CSP(203)에 전송한다.Authorization manager group 202

Check with your doctor (204)

The threshold set by the algorithm

Proxy re-encryption key reconstructed with as many shares

and

To the CSP 203.

알고리즘으로 주치의(204)를 위한 비밀키

를 생성하여

에 첨부하여 전송하고, 권한 관리자 그룹(202)은

알고리즘으로 비밀 키

에 대응되는

를 생성하여 전송한다.Thus, the CSP 203

Secret Key for Physician (204) with Algorithm

By creating

And the authority manager group 202

Secret key with algorithm

Corresponding to

Create and send.

와 접근구조

로

알고리즘을 이용하여 비밀 키

를 획득하고,

알고리즘을 이용하여 복호된 비밀 키

로

를 복호하여 환자의 진료 기록

을 획득하게 된다.
한편, 상기

알고리즘은 공개키

와 마스터키

를 생성하고, 상기

알고리즘은 환자의 진료 기록

을

로 암호화 (암호문은

) 한다.
상기

알고리즘은

를 암호화 (암호문은

)하고, 상기

알고리즘은 설정된 임계값

개만큼의 쉐어로 프록시 재암호화키키

과

재구성한다.
상기

알고리즘은 비밀키

(주치의 용)를 생성하고, 상기

알고리즘은 비밀 키

에 대응되는

를 생성한다.
상기

알고리즘은 비밀 키

를 복호하고, 상기

알고리즘은 복호된 비밀 키

로

를 복호화 (환자의 진료 기록

을 획득)함으로써, 모바일 클라우드 환경에서 안전한 프록시 재암호화 기반의 데이터관리 방식을 제공할 수 있게 된다.
Then, the mobile application installed on the smartphone of the attending physician 204 is a secret key.

And access structures

in

Secret key using algorithm

Earned,

Secret key decrypted using algorithm

in

Decrypt the patient's medical record

Will be obtained.
On the other hand,

The algorithm is a public key

And master key

And generate

Algorithm records patient care

of

Encrypted with (password

) do.
remind

The algorithm is

Encrypt (password

), And

Algorithm is set threshold

Re-encrypt proxy with as many shares

and

Reconstruct
remind

The algorithm is a secret key

Create (for the attending physician) and said

Algorithm is the secret key

Corresponding to

.
remind

Algorithm is the secret key

And decode

Algorithm decrypted secret key

in

Decrypt (patient medical records

By acquiring), it is possible to provide a secure proxy re-encryption based data management method in a mobile cloud environment.

While the present invention has been particularly shown and described with reference to specific embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the following claims It will be apparent to those of ordinary skill in the art.

201: Medical Center
202: Administrators group
203: CSP
204: attending physician

Claims (7)

a) the data owner generating a public key and a master key using the system universe and security parameters;
b) the data owner signing the public key and sending the signed public key to a rights manager; And
c) selecting an ID of a data file to be created by the data owner, randomly selecting a symmetric data encryption key from a key space, encrypting the data file using the encryption key, and identifying the body of the data file to be generated. Generate and store the body in a cloud service provider (CSP), define a property set for the data file, encrypt the encryption key in a KP-ABE manner, generate a header of the data file to be generated, and generate the data Providing a header of a file to the rights manager; and secure proxy re-encryption based data management method in a mobile cloud environment.
The method of claim 1, wherein the method is
d) if a new user wants to join the system, the data owner assigns the access structure of the new user and generates a secret key based on the access structure and the master key;
e) encrypting the access structure, secret key, public key and signature with the new user's public key;
f) sending the signature encrypted by step e), an access structure excluding the dummy attribute and the signature to the rights manager;
g) the rights manager verifies that the encrypted keys, the dummy attribute excludes the access structure and the signature of the data owner upon receipt of the signature, and stores the access structure excludes the dummy attribute in the system user list; Delivering the encrypted keys to the new user; And
h) The new user who has received the encrypted keys to the new user decrypts the encrypted keys with his private key, checks if the signature is correct and accepts the access structure, secret key and public key as his own. Secure proxy re-encryption based data management method in a mobile cloud environment, characterized in that it further comprises a step.
The method of claim 1 or 2, wherein the method
i) When revoking the right to view a data of a specific user, the data owner, when a component of the master key and the public key is updated, the component of the master key and the public key redefined the proxy re-encryption key according to the update. Secure proxy re-encryption based data management method in a mobile cloud environment, characterized in that it further comprises the step of generating.
delete The method of claim 3 wherein the method is
j) when the user accesses the data, the authority manager determines the access authority of the user, and accordingly to obtain a passphrase according to the user's secret key secure in a mobile cloud environment, characterized in that Proxy re-encryption based data management method.
delete The method of claim 3 wherein the method is
k) when the data owner sends his signature to the authority manager group by attaching his signature to the ID of the file to be deleted, in order to delete the data file of the CSP, if the signature is verified and justified, the authority manager group And deleting the data from the CSP by requesting to delete the data stored in the CSP.

Images