一种基于无证书签密的云数据安全访问与共享方法  被引量：1

作　　者：魏爽[1] 龙草芳[1] 江荣旺[1] WEI Shuang;LONG Cao-fang;JIANG Rong-wang(University of Sanya,Sanya 572000,Hainan)

机构地区：[1]三亚学院信息与智能工程学院,海南三亚572000

出　　处：《电脑与电信》2023年第10期5-10,共6页Computer & Telecommunication

基　　金：海南省自然科学基金青年基金项目,项目编号:621QN0901,海南省自然科学基金青年基金项目,项目编号:620QN287;海南省高等学校科学研究项目,项目编号:Hnky2023-39;海南省高等学校科学研究项目,项目编号:Hnky2023ZD-14;三亚学院校级项目,项目编号:USYYB22-07。

摘　　要：在云计算中,用户数量极其庞大,而且用户的连接和离开都是随机的,因此系统需要保护数据访问。尽管许多算法被设计并已得到验证,但云计算中数据安全共享和授权用户的访问策略仍极具挑战。为提高云计算中多层数据访问的安全级别,提出一种基于无证书签密的数据访问与共享方法,其核心思想为:首先,用户向云服务器注册自己的详细信息,以获取各种服务。然后,云服务器为每个注册用户生成私钥和公钥。密钥生成后,用户向云服务器发送获取数据的请求。云服务器根据策略属性验证请求的用户是否获得授权。然后,云服务器将用户请求的数据以密文形式提供给云用户,并生成签名。最后,在用户端验证签名以解密数据。如果签名有效,则授权用户可获得原始数据,从而提高了数据访问的安全性。In cloud computing,the number of users is extremely large,and their connections and departures are random,so the sys-tem needs to protect data access.Although many algorithms have been designed and validated,there are still many challenges in da-ta secure sharing and access policies for authorized users in cloud computing.To improve the security level of multi-layer data ac-cess in cloud computing,a data access and sharing method based on certificateless signcryption is proposed.The core idea is as fol-lowing.First,users register their detailed information with cloud servers to obtain various services.Then,the cloud server generates private and public keys for each registered user.After that the user sends a request to the cloud server to obtain data.The cloud serv-er verifies whether the requested user is authorized based on policy attributes.Then,the cloud server provides the data requested by the user in ciphertext form to the cloud user and generates a signature.Finally,the signature is verified on the user end to decrypt the data.If the signature is valid,authorized users can obtain the original data,thereby improving the security of data access.

关 键 词：云计算 数据共享 访问控制 无证书签密 

分 类 号：TN918.4[电子电信—通信与信息系统]