A Cloud Access Control Scheme Supporting Fine-grained Attribute Change

doi:10.19678/j.issn.1000-3428.0048415

Abstract

Abstract:

For cloud data access control research,there are many problems such as large cost of attribute change and inflexibility.On the basis of ciphertext policy Attribute-based Encryption(ABE),this paper proposes a scheme supporting fine-grained attribute change.It combines a Hash function that has irreversible calculation properties and defines a logical binary tree to re-encrypt the ciphertext,and updates the ciphertext and the private key according to the group key generated by the root node of the largest covering subtree corresponding to each attribute,so that each attribute can be fine-grained changed.Simulation experimental results show that this scheme can effectively reduce the whole computation complexity and user storage pressure,and the change efficiency can be improved.

Key words: access control, attribute change, ciphertext policy, fine-grained, Hash function, logical binary tree

摘要：

云数据访问控制研究多数存在属性变更开销大及不够灵活等问题。为此,在密文策略属性基加密基础上提出一种支持细粒度属性变更的方案。结合具有计算不可逆性质的哈希函数定义逻辑二叉树对密文进行重加密,根据每个属性对应的最大覆盖子树根节点生成的组密钥更新密文与私钥,从而实现属性变更的细粒度化。仿真结果表明,该方案能够有效降低系统整体计算复杂度和用户存储压力,提高属性变更效率。

关键词: 访问控制, 属性变更, 密文策略, 细粒度, 哈希函数, 逻辑二叉树

CLC Number:

TP391

TAN Yuesheng,XING Chenshuo,WANG Jingyu. A Cloud Access Control Scheme Supporting Fine-grained Attribute Change[J]. Computer Engineering, 2018, 44(8): 7-13.

谭跃生,郉晨烁,王静宇. 一种支持细粒度属性变更的云访问控制方案[J]. 计算机工程, 2018, 44(8): 7-13.

/ / Recommend / Download Citations

URL: http://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0048415

http://www.ecice06.com/EN/Y2018/V44/I8/7

References

［1］SAHAI A,WATERS B.Fuzzy identity-based encryption［J］.Lecture Notes in Computer Science,2005,3494:457-473.br/ ［2］ATTRAPADUNG N,IMAI H.Attribute-based encryption supporting direct/indirect revocation modes［C］//Proceedings of IMA International Conference on Cryptography and Coding.Berlin,Germany:Springer,2009:278-300.br/ ［3］ATTRAPADUNG N,IMAI H.Conjunctive broadcast and attribute-based encryption［C］//Proceedings of the 3rd International Conference on Pairing-based Cryptography-pairing.Palo Alto,USA:IEEE Press,2009:248-265.br/ ［4］王鹏翩,冯登国,张立武.一种支持完全细粒度属性撤销的CP-ABE方案［J］.软件学报,2012,23(10):2805-2816.br/ ［5］PIRRETTI M,TRAYNOR P,MCDANIEL P,et al.Secure attribute-based systems［J］.Journal of Computer Security,2010,18(5):799-837.br/ ［6］BETHENCOUIT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption［C］//Proceedings of IEEE Symposium on Security and Privacy.Washington D.C.,USA:IEEE Computer Society,2007:321-334.br/ ［7］LUAN I,PETKOVIC M,NIKOVA S,et al.Mediated ciphertext-policy attribute-based encryption and its appli-cation［C］//Proceedings of International Workshop on Information Security Applications.Busan,South Korea:［s.n.］,2009:309-323.br/ ［8］HUR J,NOH D K.Attribute-based access control with efficient revocation in data outsourcing systems［J］.IEEE Transactions on Parallel & Distributed Systems,2011,22(7):1214-1221.br/ ［9］杨小东,王彩芬.基于属性群的云存储密文访问控制方案［J］.计算机工程,2012,38(11):20-22,26.br/ ［10］DI P R,MANCIANI L V,JAJODIA S.Efficient and secure keys management forwireless mobile commiinications［C］//Proceedings of the 2nd ACM International Workshop on Principles of Mobile Computing.Toulouse,France:［s.n.］,2002:66-73.br/ ［11］IBRAIMI L,TANG Q,HARTEL P,et al.Efficient and provable secure ciphertext-policy attribute-based encryption schemes［C］//Proceedings of International Conference on Information Security Practice and Experience.Xi’an,China:［s.n.］,2009:1-12.br/ ［12］闫玺玺,汤永利.数据外包环境下一种支持撤销的属性基加密方案［J］.通信学报,2015,36(10):92-100.br/ ［13］闫玺玺,孟慧.支持直接撤销的密文策略属性基加密方案［J］.通信学报,2016,37(5):44-50.br/ ［14］韩司.基于云存储的数据安全共享关键技术研究［D］.北京:北京邮电大学,2015.br/ ［15］BANIHASHEMIAN S,BAFGHI A G.Centralized key management scheme in wireless sensor networks［J］.Wireless Personal Communications,2011,60(3):463-474.br/ ［16］LIU Y N,JIAN W,HE D,et al.Intra-cluster key sharing in hierarchical sensor networks［J］.IET Wireless Sensor Systems,2013,3(3):172-182.br/ ［17］JOLLY G,et al.A low-energy key management protocol for wireless sensor networks［C］//Proceedings of the 8th IEEE International Symposium on Computers and Communication.Hong Kong,China:IEEE Computer Society,2003:335-340.br/ ［18］BETHENCOURT J,SAHAI A.Advanced crypto software collection:the cpabe toolkit［EB/OL］.［2017-04-01］.http://acsc.cs.utexas.edu/cpabe/.br/

[1]	Baohua HUANG, Huiying ZHENG, Xi QU, Ningjiang CHEN. Efficient Storage Access Control Scheme for Alliance Chain [J]. Computer Engineering, 2023, 49(8): 37-45.
[2]	SHI Jin, XU Yang, CAO Bin. Fine-Grained Image Categorization Based on Adaptive Trilinear Pooling Network [J]. Computer Engineering, 2023, 49(5): 239-246,254.
[3]	TIAN Xiuxia, YANG Mingyi. Smart Contract-Based Access Control Mechanism in Home IoT [J]. Computer Engineering, 2023, 49(3): 18-28.
[4]	FU Pengcheng, YANG Guan, LIU Xiaoming, LIU Yang, ZHANG Ziming, CHENG Xi. Visual Question Answering Model Based on Spatial Relation and Frequency Feature [J]. Computer Engineering, 2022, 48(9): 96-104.
[5]	WEI Chengjing, LI Guodong. Encryption Algorithm of Video Images Combining Hyper-Chaotic System and Logistic Mapping [J]. Computer Engineering, 2022, 48(5): 263-271.
[6]	ZHANG Yang, YAO Dengfeng, JIANG Minghu, LI Fanshu. Fine-Grained Smoking Behavior Recognition Based on EfficientDet Network [J]. Computer Engineering, 2022, 48(3): 302-309,314.
[7]	LIU Jing, ZHU Bingxu, LIANG Jiahang, REN Nüer, JI Haipeng. Blockchain Access Control Strategy Based on Mainchain and Sidechain Cooperation [J]. Computer Engineering, 2022, 48(3): 10-16,22.
[8]	TAN Run, YE Wujian, LIU Yijun. Fine-Grained Image Classification Combining Dual Semantic Data Augmentation and Target Location [J]. Computer Engineering, 2022, 48(2): 237-242,249.
[9]	LI Pei, CHEN Qiaosong, CHEN Pengchang, DENG Xin, WANG Jin, PIAO Changhao. Multi-Modal Fine-Grained Retrieval Based on Modal Specific and Modal Shared Feature Information [J]. Computer Engineering, 2022, 48(11): 62-68,76.
[10]	ZHOU Zhifei, WU Jinlong, LI Yiyi, JIA Libang, SHEN Yujie, ZHANG Gang, CUI Bin. Firearm Image Recognition System Based on Multi-Task Cascaded Residual Network [J]. Computer Engineering, 2022, 48(1): 214-219.
[11]	WANG Jingyu, ZHOU Xuejuan. An Attribute-based Encryption Scheme for Ciphertext Policy that Supports Attribute Revocation [J]. Computer Engineering, 2021, 47(7): 95-100.
[12]	ZHANG Benhong, WU Haohao, YU Lei. Contention-based Time Division Multiple Access MAC Protocol in Vehicular Ad Hoc Networks [J]. Computer Engineering, 2021, 47(5): 154-159.
[13]	ZHANG Jianguo, HU Xiaohui. Research on Improved Access Control Mechanism of Internet of Things Devices Based on Ethereum [J]. Computer Engineering, 2021, 47(4): 32-39,47.
[14]	ZHANG Jianghui, CUI Bo, LI Ru, SHI Jinshan. Access Control System of Internet of Things Based on Smart Contract [J]. Computer Engineering, 2021, 47(4): 21-31.
[15]	ZHAN Changjian, LEI Lei, SHEN Gaoqing, LI Zhilin. Multi-Link Transmission MAC Protocol Suitable for Underwater Acoustic Sensor Network [J]. Computer Engineering, 2021, 47(2): 194-200.

Please choose a citation manager

Content to export