计算机科学与探索2011,Vol.5Issue(9):835-844,10.DOI:10.3778/j.issn.1673-9418.2011.09.007
云存储密文访问控制方案
Cryptographic Access Control Scheme for Cloud Storage
摘要
Abstract
This paper presents an efficient, fine-grained and flexible access control scheme for the cloud storage at a scenario of the ciphertext-policy attribute-based encryption (CP-ABE). This scheme combines the techniques of segmentation of secret key and proxy re-encryption, and cloud service provider (CSP) will do most of re-encryption computing when the permission is revoked, which greatly reduces the computational cost of data owner (DO). Compared with existing schemes, this new scheme not only supports a variety of threshold gates access control pol icy, but also supports two different revoking units including attributes set and different user having the same attrib utes set when the permission is revoked. Finally the paper analyzes the security and runtime efficiency of the scheme. Experimental results show that the proposed scheme is superior to general schemes, especially considering cloud storage and the more users, the new scheme shows the more obvious advantages.关键词
云存储/密文访问控制/基于密文策略的属性加密/代理重加密/密钥分割Key words
cloud storage/ cryptographic access control/ ciphertext-policy attribute-based encryption (CP-ABE)/ proxy re-encryption/ segmentation of secret key分类
信息技术与安全科学引用本文复制引用
吕志泉,张敏,冯登国..云存储密文访问控制方案[J].计算机科学与探索,2011,5(9):835-844,10.基金项目
The National Science and Technology Major Special Projects of China under Grant No.2010ZX01042-001-001-05(国家科技重大专项“核高基”项目) (国家科技重大专项“核高基”项目)
the Knowledge Innovation Program of Chinese Academy of Sciences under Grant No.YYYJ-1013(中科院知识创新工程领域前沿项目). (中科院知识创新工程领域前沿项目)
