移动社交网络中细粒度朋友发现隐私保护机制  被引量：2

作　　者：罗恩韬 王国军[1] 刘琴[3] 孟大程 LUO En-Tao;WANG Guo-Jun;LIU Qin;MENG Da-Cheng(School of Computer Science and Educational Software,Guangzhou University,Guangzhou 510006,China;School of Information Science and Engineering,Central South University,Changsha 410083,China;College of Computer Science and Engineering,Hu＇nan University,Changsha 410082,China)

机构地区：[1]广州大学计算机科学与教育软件学院,广东广州510006 [2]中南大学信息科学与工程学院,湖南长沙410083 [3]湖南大学信息科学与工程学院,湖南长沙410082

出　　处：《软件学报》2018年第10期3223-3238,共16页Journal of Software

基　　金：国家自然科学基金(61632009;61472451;61402543;61272151;61502163);湖南省自然科学基金(2015JJ3046);湖南省教育厅科研项目(2015C0589;110351018002);中南大学中央高校基本科研业务费专项资金(2016zzts060;2016zzts339)~~

摘　　要：在移动社交网络中,用户可以通过匹配彼此的特征属性进行朋友发现,针对单属性管理中心用户属性密钥更容易被攻击者窃取和服务高峰出现的性能瓶颈问题,提出一种由多个属性管理中心、分级管理用户属性子密钥方案.在该方案中,多个属性中心细粒度地管理用户的不同特征属性,并根据用户特征属性生成属性子密钥,交友请求者只有满足交友发起者设置的交友访问策略,才能正确地将各子密钥组合成完整的解密密钥,进而解密存储在交友中心的用户加密数据文件.通过对属性子密钥进行分级分类管理,不仅避免了单属性管理中心容易被攻击而造成的密钥泄漏以及单点故障风险,而且多属性中心协同工作提高了交友匹配计算效率.通过验证方案是否可挑战明文攻击,证明可达到CPA安全,可以有效地保护用户的隐私不被泄露.同时与既有方案进行了充分的对比实验,确保该方案计算开销最小,可以提供良好的用户体验.In mobile social networks, users can look for friends by matching their attributes. In order to solve the problem that the user＇s attribute is easy to be stolen by the attackers in the single authority center and performance bottleneck occurs in the peak of service, this work proposes a scheme where a multi-attribute management center hierarchically manages user attributes＇ sub-keys. The scheme involves several attribute centers which perform fine-grained management on different user attributes. After the friend requester＇s attributes meet the friend access control policy of the friend-making initiator, the friend requester can correctly combine the sub-keys into a complete decryption key and decrypt the user＇s data file to store in the friend-making server. By introducing hierarchical management in terms of attribute sub-keys, the proposed scheme not only effectively prevents key disclosure when the single-authority management center suffers from attacks, but also improves the computation efficiency of friend profile matching through cooperative work of multiple attribute center. Experiments are conducted to check whether the proposed scheme can challenge the chosen plaintext attack, and certify that the scheme can achieve CPA secure level while effectively protecting the user＇s privacy security. Extensive comparisons with existing schemes demonstrate the ability of the proposed scheme to entail the lowest computational overheads and provide excellent user experience.

关 键 词：密文访问控制策略 多授权中心 属性加密 隐私保护 机会计算 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]