作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2018, Vol. 44 ›› Issue (8): 7-13. doi: 10.19678/j.issn.1000-3428.0048415

所属专题: 云计算专题

• 云计算专题 • 上一篇    下一篇

一种支持细粒度属性变更的云访问控制方案

谭跃生,郉晨烁,王静宇   

  1. 内蒙古科技大学 信息工程学院,内蒙古 包头 014010
  • 收稿日期:2017-08-21 出版日期:2018-08-15 发布日期:2018-08-15
  • 作者简介:谭跃生(1959—),男,教授,主研方向为云计算、信息安全;郉晨烁,硕士研究生;王静宇,副教授、博士。
  • 基金资助:

    国家自然科学基金(61462069,61662056);内蒙古自然科学基金(2015MS0622,2016MS0609,2016MS0608)。

A Cloud Access Control Scheme Supporting Fine-grained Attribute Change

TAN Yuesheng,XING Chenshuo,WANG Jingyu   

  1. School of Information Engineering,Inner Mongolia University of Science and Technology,Baotou,Inner Mongolia 014010,China
  • Received:2017-08-21 Online:2018-08-15 Published:2018-08-15

摘要:

云数据访问控制研究多数存在属性变更开销大及不够灵活等问题。为此,在密文策略属性基加密基础上提出一种支持细粒度属性变更的方案。结合具有计算不可逆性质的哈希函数定义逻辑二叉树对密文进行重加密,根据每个属性对应的最大覆盖子树根节点生成的组密钥更新密文与私钥,从而实现属性变更的细粒度化。仿真结果表明,该方案能够有效降低系统整体计算复杂度和用户存储压力,提高属性变更效率。

关键词: 访问控制, 属性变更, 密文策略, 细粒度, 哈希函数, 逻辑二叉树

Abstract:

For cloud data access control research,there are many problems such as large cost of attribute change and inflexibility.On the basis of ciphertext policy Attribute-based Encryption(ABE),this paper proposes a scheme supporting fine-grained attribute change.It combines a Hash function that has irreversible calculation properties and defines a logical binary tree to re-encrypt the ciphertext,and updates the ciphertext and the private key according to the group key generated by the root node of the largest covering subtree corresponding to each attribute,so that each attribute can be fine-grained changed.Simulation experimental results show that this scheme can effectively reduce the whole computation complexity and user storage pressure,and the change efficiency can be improved.

Key words: access control, attribute change, ciphertext policy, fine-grained, Hash function, logical binary tree

中图分类号: