作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2021, Vol. 47 ›› Issue (1): 37-43. doi: 10.19678/j.issn.1000-3428.0057449

• 热点与综述 • 上一篇    下一篇

面向边缘计算的属性加密方案

彭红艳, 凌娇, 覃少华, 邓剑锋   

  1. 广西师范大学 计算机科学与信息工程学院, 广西 桂林 541004
  • 收稿日期:2020-02-21 修回日期:2020-03-21 发布日期:2020-03-27
  • 作者简介:彭红艳(1973-),女,副教授、硕士,主研方向为网络安全、数据分析;凌娇,硕士研究生;覃少华(通信作者),副教授、博士;邓剑锋,助理研究员、博士。
  • 基金资助:
    国家自然科学基金(61862008,81860635)。

Attribute-Based Encryption Scheme for Edge Computing

PENG Hongyan, LING Jiao, QIN Shaohua, DENG Jianfeng   

  1. School of Computer Science and Information Engineering, Guangxi Normal University, Guilin, Guangxi 541004, China
  • Received:2020-02-21 Revised:2020-03-21 Published:2020-03-27

摘要: 传统云环境下的属性加密方案在判定用户访问权限时通常仅依据年龄和职业等用户常规属性,而忽视了访问时间和位置的约束问题。为较好满足边缘计算的实时性和移动性需求,提出一种支持时间与位置约束的多授权外包属性加密方案。通过将时间域与位置域信息同时引入属性加密过程,实现更细粒度的访问控制。采用多授权机构共同管理属性信息,解决单授权机构的性能瓶颈问题,满足用户跨域访问需求。针对边缘计算中移动终端资源受限问题,将大部分解密计算外包至边缘节点,减轻移动终端设备负担。分析结果表明,在边缘计算环境下,该方案以较低的计算和存储开销实现了具有时间和位置约束的访问控制,并且可有效保障用户数据安全。

关键词: 属性加密, 时间约束, 位置约束, 边缘计算, 解密外包

Abstract: When existing Attribute-Based Encryption(ABE) schemes for traditional cloud environment determine the access rights of users,they consider only general attributes such as occupation and age,ignoring time and location constraints,which makes them fail to meet the real-time performance and mobility requirements of edge computing.Therefore,this paper proposes a time and location multi-authority outsourcing ABE scheme.The scheme introduces the time domain information and location domain information into attribute encryption,enabling a more fine-grained access control function.Simultaneously the scheme uses multi-authority management of attribute information to solve the performance bottleneck of the single-authority management,meeting the needs of users' cross-domain access.To address the limitation of mobile terminal resources in edge computing,most of the decryption calculations are outsourced to edge nodes to reduce the burden of mobile terminal devices.Analysis results show that the scheme achieves access control with access time and location constraints by reducing computing and storage overhead,and effectively guarantees data security.

Key words: Attribute-Based Encryption(ABE), time constraint, location constraint, edge computing, decryption outsourcing

中图分类号: