Abstract:
Existing access control schemes for cloud services depend heavily on a trusted third party. To address this problem, this paper proposes an attribute-based distributed access control scheme for the cloud. It designs a cloud access control model, constructs an access control policy in the form of an Attribute-based Encryption (ABE) tree, and presents a method for user revocation and policy updates. Security analysis indicates that the scheme is collusion-resistant and provides data confidentiality as well as backward and forward secrecy.
Key words: Attribute-based Encryption (ABE), cloud computing, access control, access tree, CP-ABE algorithm, KP-ABE algorithm
ZHANG Zhu-Lin, WANG Cai-Fen. Attribute-based Distributed Access Control Scheme in Cloud[J]. Computer Engineering, 2012, 38(11): 1-4.