云环境下基于标记认证的租户数据安全防护方法  

Tenant data security protection method based on tag authentication in cloud environment

在线阅读下载全文

作  者:李治军 卢新 LI Zhijun;LU Xin(Military Unit 61705,Beijing 100091,China)

机构地区:[1]61705部队,北京100091

出  处:《北京信息科技大学学报(自然科学版)》2024年第6期45-52,共8页Journal of Beijing Information Science and Technology University(Science and Technology Edition)

摘  要:针对云环境下多租户私有数据隔离存储、访问与数据共享的安全问题,基于云平台下的Hadoop存储架构,建立了基于标记认证的租户数据安全防护方法。针对多租户私有数据的隔离存储与访问安全问题,通过引入安全标记参与存储和认证访问,提出了基于动态口令和安全标记双重认证的一致性哈希(Hash)改进算法,实现了租户私有数据安全、高效的隔离存储及访问;针对租户共享数据的安全问题,通过引入共享标记代替共享数据进行代理重加密,提出了基于标记的代理重加密数据共享方案,实现了租户共享数据安全认证下的秘密共享。通过安全性和实例化理论分析证明了该方法在云环境下的可行性和可靠性。In response to the security issues of isolated storage,access,and data sharing of multi-tenant private data in cloud environment,a security protection method of tenant data based on tag authentication was proposed leveraging the Hadoop storage architecture in cloud environment.Regarding the security issues of isolated storage and access of multi-tenant private data,an improved consistent Hash algorithm was proposed based on dynamic passwords and security tag dual authentication by introducing security tags to participate in storage and authentication access,achieving secure and efficient isolated storage and access of the tenant′s private data.Regarding the security of tenant′s shared data,a tag-based proxy re-encryption(Tag-PRE)data sharing scheme was proposed by introducing shared tags to replace the shared data for proxy re-encryption,realizing secret sharing under secure authentication of the tenant′s shared data.The feasibility and reliability of the proposed method were verified through the theoretical analysis of security and instantiation in cloud environment.

关 键 词:云计算安全 一致性Hash算法 动态口令认证 安全标记认证 代理重加密 

分 类 号:TP393[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象