吉林大学学报(信息科学版)2025,Vol.43Issue(5):1101-1110,10.
基于CP-ABE结合非对称加密算法的云计算资源分级访问控制
Hierarchical Access Control of Cloud Computing Resources Based on CP-ABE Combined with Asymmetric Encryption Algorithm
摘要
Abstract
Due to the complexity of multi tenant and multi-level security requirements in cloud computing environments,existing access control strategies are difficult to meet the needs of different users and applications,resulting in lower resource access security and more time consumption during encryption and decryption.To address the above issues,combining CP-ABE(Ciphertext Policy-Attribute Based Encryption)with asymmetric encryption RSA(Rivest Shamir Adleman)research on hierarchical access control of cloud computing resources is conducted.A CP-ABE access control architecture is established and encrypted access policies are developed.The trust values related to hierarchical access of cloud computing resources is used to clarify the trust relationship of access,and the trust degree of access subject and object resources are obtainined.Based on the calculated trust value,users are granted hierarchical authorization to meet the needs of multi tenant and multi-level security.Based on the results of user identity hierarchical authorization,the RSA algorithm is used to replace the complex bilinear mapping of CP-ABE for encryption and decryption,achieving precise control of resource hierarchical access and reducing encryption and decryption time consumption.Through experimental testing,it was found that the proposed method can achieve a concurrent connection count of 400,a maximum over authorization rate of 6.8%for hierarchical access,and an effective control of access control response time of less than 6 seconds,which can effectively meet the multi tenant and multi-level security needs of application scenarios.It has a good effect on hierarchical access control of cloud computing resources.关键词
改进属性基加密/云计算/访问精准控制/信任度/分级授权Key words
improve attribute based encryption/cloud computing/access precise control/trust level/graded authorization分类
计算机与自动化引用本文复制引用
赵琳莹,王超..基于CP-ABE结合非对称加密算法的云计算资源分级访问控制[J].吉林大学学报(信息科学版),2025,43(5):1101-1110,10.基金项目
河南省高等学校重点科研基金资助项目(25B520042) (25B520042)
全国高等职业院校信息技术课程教学改革研究基金资助项目(KT2024104) (KT2024104)
黄河交通学院一流专业基金资助项目(HHJTXY-2023ylzy02) (HHJTXY-2023ylzy02)
黄河交通学院一流课程基金资助项目(HHJTXY-2022ylkc45) (HHJTXY-2022ylkc45)
