Cloud Data Encryption and Authorization Scheme in Untrusted Network Environment


Authors: LIU Huihong (刘慧红); HUANG Pushan (黄普善); MAO Deming (毛得明); ZHANG Yuguang (张宇光) (No.30 Institute of CETC, Chengdu, Sichuan 610041, China)

Affiliation: [1] The 30th Research Institute of China Electronics Technology Group Corporation (CETC), Chengdu, Sichuan 610041, China

Source: Communications Technology (《通信技术》), 2022, No. 3, pp. 367-374 (8 pages)

Funding: Sichuan Province Outstanding Young Scientific and Technological Talent Program (2019JDJQ0058).

Abstract: Storing data in the cloud can effectively reduce users' storage costs and make data sharing more convenient, but data stored in the cloud faces many security risks in an untrusted environment. Although data encryption can ensure data security, it comes at the cost of convenient data sharing. Therefore, this paper proposes an attribute-based encryption and authorization scheme based on lattice theory. In this scheme, the data owner can set the ciphertext policy according to the attributes of authorized users, which keeps authorization flexible while the data is encrypted. In view of the security challenges that the development of quantum computing may bring, constructing a quantum-resistant scheme on lattices can effectively improve security. In addition, blockchain technology is used to store data information in order to counter forgery of and tampering with data by untrusted cloud services. Finally, the paper analyzes the security and performance of the scheme, and the results indicate that the proposed scheme is suitable for untrusted cloud storage applications.

Keywords: untrusted; cloud data storage; attribute-based encryption; blockchain; data sharing

Classification number: TP309.2 [Automation and Computer Technology: Computer System Architecture]

 
