检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
出 处:《计算机应用》2017年第6期1587-1592,1615,共7页journal of Computer Applications
基 金:国家242信息安全计划项目(2015A051;2012A138);国家十一五科技支撑计划项目(2007BAK34B06);国家十五科技攻关计划项目(2004BA811B04)~~
摘 要:针对属性基加密机制(ABE)在移动互联网环境中计算开销较大且不够灵活的问题,提出了一种基于动态信用等级的密文策略属性基加密(CP-ABE)方案。首先,该方案引入"信用等级"属性用来标识用户的"信用"并以此划分用户等级,高"信用等级"用户仅需常数级的计算开销即可解密;同时,中央授权中心(CA)在设定的时间阈值评估用户的访问行为并动态更新用户的"信用等级",更新算法避免私钥的完全重新生成。理论分析和实验结果表明,随着高"信用等级"用户占比升高,所提方案系统总时间开销不断减少,最终达到稳定并优于传统方案。该方案在保证安全性的前提下,总体上提高了移动互联网环境中访问控制的效率。Concerning the problems of Attribute-Based Encryption (ABE) such as high computational consumption and lack of flexibility in mobile Internet, a dynamic trust level based Ciphertext-Policy ABE (CP-ABE) scheme was proposed. Firstly, the "trust level" attribute was defined to indicate user's trusted level and divide users into different classes. User with high "trust level" was be able to decrypt the message in a constant computational overhead. Meanwhile, Central Authority (CA) was allowed to evaluate user's access behavior within the certain time threshold. Only the user's "trust level" was updated dynamically by the updating algorithm instead of complete re-generating of secret key. Theoretical analysis and experimental results show that, with the growing proportion of high "trust level" user, the total time consumption of the proposed scheme was decreased until being stable and finally was superior to the traditional scheme. The proposed scheme can improve the access control efficiency in mobile Internet on the premise of keeping the security standard.
关 键 词:访问控制 属性基加密 信用等级 行为评估 属性更新
分 类 号:TP309.7[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249
