结合区块链和属性基的可信数据分发  被引量：6

作　　者：李峰[1] 梁任纲 李雪聪 何倩[2] LI Feng;LIANG Ren-gang;LI Xue-cong;HE Qian(CETC Key Laboratory of Aerospace Information Application,Shijiazhuang 050081,China;Key Laboratory of Cryptography and Information Security,Guilin University of Electronic Technology,Guilin 541004,China)

机构地区：[1]中国电子科技集团公司航天信息应用技术重点实验室,石家庄050081 [2]桂林电子科技大学广西密码学与信息安全重点实验室,广西桂林541004

出　　处：《小型微型计算机系统》2021年第7期1524-1531,共8页Journal of Chinese Computer Systems

基　　金：国家自然科学基金项目(61661015,61967005)资助;广西创新驱动发展重大专项项目(AA17202024)资助;广西密码学与信息安全重点实验室基金项目(GCIS201701)资助;中国电子科技集团航天信息应用技术重点实验(SXX18629X015)资助;南宁市科学研究与技术开发计划项目(20201075)资助。

摘　　要：网络数据与日俱增,传统中心化平台管理模式导致海量数据的存储与数据分发产生高昂的成本;而且收集的数据在分发过程中容易受到恶意窃取,造成私密信息泄露.针对当前数据共享中急需解决的细粒度访问控制和溯源难题提出了一种结合区块链和属性基的可信数据分发机制.通过建立信任模型,基于信任的P2P分发平台提出一种基于属性基加密的细粒度访问控制机制,允许数据拥有者依照各自不同的目的和需求制定更合理的个性化数据访问策略,避免未授权实体不合法的数据访问.最后,针对区块链不适宜存储大量数据的问题,采取链下存储的模式,配合链上的智能合约存储返回的数据索引地址、经属性基加密的对称密钥等关键信息,在降低区块链存储压力的同时实现数据的保护和安全共享.实验结果表明,结合区块链和属性基的可信数据分发机制实现了对数据的细粒度访问控制,为用户提供了更加安全可靠的共享分发服务.Network data is increasing day by day,and the traditional centralized platform management model has resulted in high costs for the storage and data distribution of massive data.Collected data are vulnerable to malicious theft during the data distribution process,which may bring the leakage of private information.Aiming at the current fine-grained access control and security problems that are urgently needed in data sharing a trusted data distribution mechanism based on blockchain and attribute-based is proposed.Establishing a trust model,a trust-based P2 P distribution platform is designed,and then a fine-grained access control mechanism with Attribute Based Encryption(ABE)is proposed.Data owners are allowed to formulate more reasonable personalized data access strategies according to their different purposes and needs,avoiding unintended data access by illegal entities.An off-chain storage mode is adopted for storing large amounts of data.and the returned data index address is stored in the blockchain using the smart contract,and the symmetric key is encrypted by ABE.Through the above technologies,a trusted data distribution mechanism is realized while the storing pressure on the chain is reduced.Experimental results show that the trusted data distribution mechanism achieves fine-grained access control to data and provides users more secure and reliable shared distribution services.

关 键 词：数据分发 区块链 属性基加密 对等系统 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]