Abstract:
Through the analysis of outsourced database two layer encryption scheme, its security flaw is pointed out , that is, authorized users can easy authorized other non-authorized user to access to resource. An improved scheme that can derive the encryption key by using linear equation in two unknowns is proposed. To adapt to access policy changes avoiding re-encryption for the data owner, this scheme exploits a two layer encryption scheme to prevent non-authorized users to access resource. Analysis shows that this scheme not only can overcome the flaws of the original program but also adapt to dynamic changes. It is a safe and efficient access control scheme.
Key words:
outsourced database,
access control,
data encryption,
key management,
privacy preservation
摘要: 通过对外包数据库双层加密方案的分析,指出存在授权用户可以将资源访问授权给其他非授权用户的安全缺陷,为此,提出一个改进的安全外包数据访问控制方案。该方案利用二元一次函数诱导产生加密密钥。为适应访问控制策略动态变化,防止非授权用户访问资源,通过双重加密实现授权访问动态变化。分析结果表明,改进方案能够克服外包数据库双层加密方案的安全缺陷,可实现策略动态更新,是一个安全高效的访问控制方案。
关键词:
外包数据库,
访问控制,
数据加密,
密钥管理,
隐私保护
CLC Number:
MA Gao, WANG Xiao-Meng. Security Access Control Mechanism of Outsourced Database[J]. Computer Engineering, 2011, 37(9): 173-175.
麻浩, 王晓明. 外包数据库的安全访问控制机制[J]. 计算机工程, 2011, 37(9): 173-175.