基于雾节点的分布式属性基加密方案

doi:10.19678/j.issn.1000-3428.0060063

计算机工程 ›› 2021, Vol. 47 ›› Issue (6): 38-43. doi: 10.19678/j.issn.1000-3428.0060063

基于雾节点的分布式属性基加密方案

马佳佳¹, 张志强¹, 曹素珍¹, 窦凤鸽¹, 丁晓晖¹, 王彩芬²

1. 西北师范大学计算机科学与工程学院, 兰州 730070;
2. 深圳技术大学大数据与互联网学院, 广东深圳 518118

收稿日期:2020-11-20 修回日期:2021-01-12 发布日期:2021-01-22
作者简介:马佳佳(1997-),女,硕士研究生,主研方向为属性基加密;张志强,硕士研究生;曹素珍,副教授、硕士;窦凤鸽、丁晓晖,硕士研究生;王彩芬,教授、博士。

Distributed Attribute-Based Encryption Scheme Based on Fog Nodes

MA Jiajia¹, ZHANG Zhiqiang¹, CAO Suzhen¹, DOU Fengge¹, DING Xiaohui¹, WANG Caifen²

1. College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China;
2. College of Big Data and Internet, Shenzhen University of Technology, Shenzhen, Guangdong 518118, China

Received:2020-11-20 Revised:2021-01-12 Published:2021-01-22
Contact: 国家自然科学基金（61662069，61662071）。 E-mail:576342353@qq.com

摘要/Abstract

摘要： 为解决云存储中对用户访问数据权限划分笼统、细粒度化控制访问权限受限以及单授权机构中存在的单点失效问题，提出基于雾节点的分布式密文策略属性基加密方案。将数据的部分解密运算外包给雾节点，减少终端用户的计算开销，并由不同的属性授权机构为用户生成属性密钥，以适用于细粒度的访问控制要求，使用全局身份将属于特定用户的各种属性进行“捆绑”，防止各属性机构间的共谋攻击，同时引入权重属性简化访问结构，节省系统的存储空间。实验结果表明，基于判定性q-parallel BDHE问题证明了该方案的安全性，与基于区块链的多授权机构访问控制方案和mHealth中可追踪多授权机构基于属性的访问控制方案相比，该方案终端用户在解密阶段具有更小的计算开销。

关键词: 雾计算, 分布式授权, 密文策略, 权重属性, 解密外包

Abstract: The existing cloud storage schemes have multiple limitations, including the general division of user rights to access data, fine-grained control access permissions, and single point of failure in single authority.This paper proposes a distributed ciphertext-policy attribute-based encryption scheme based on fog nodes.In the scheme, part of the data decryption operations are outsourced to the fog nodes, reducing the computing overhead of the end users.Different attribute authorities generate attribute keys for users to meet the fine-grained access control requirements, and the attributes of a specific user are bundled together by using the global identity, which effectively prevents collusion attacks among various attribute agencies.At the same time, the introduction of the weight attribute simplifies the access structure and saves system storage space.The scheme is tested with the q-parallel BDHE deterministic problem, and the results have verified the security of the scheme.Compared with the blockchain-based multi-authority access control scheme and the attribute-based access control scheme of mHealth that can track multiple authorities, the proposed scheme reduces the computing overhead of the end users in the decryption phase.

Key words: fog computing, distributed authorization, ciphertext-policy, weight attribute, decryption outsourcing

中图分类号:

TP391

马佳佳, 张志强, 曹素珍, 窦凤鸽, 丁晓晖, 王彩芬. 基于雾节点的分布式属性基加密方案[J]. 计算机工程, 2021, 47(6): 38-43.

MA Jiajia, ZHANG Zhiqiang, CAO Suzhen, DOU Fengge, DING Xiaohui, WANG Caifen. Distributed Attribute-Based Encryption Scheme Based on Fog Nodes[J]. Computer Engineering, 2021, 47(6): 38-43.

https://www.ecice06.com/CN/Y2021/V47/I6/38

图/表 7

20210618111307

20210618111310

20210618111314

20210618111319

20210618111322

20210618111326

20210618111329

参考文献

[1] BONOMI F,MILITO R,ZHU J,et al.Fog computing and its role in the Internet of Things[C]//Proceedings of MCC'12.New York,USA:ACM Press,2012:13-16.
[2] OKAMOTO T,TAKASHIMA K.Decentralized attribute-based encryption and signatures[J].ICE Transactions on Fundamentals of Electronics Communications and Computer Sciences,2020,103(1):41-73.
[3] MAHESWARI U S,VASANTHANAYAKI C.Secure medical health care content protection system with watermark detection for multi cloud computing environment[J].Multimedia Tools and Applications,2020,79(5):4075-4097.
[4] SAHAI A,WATERS B.Fuzzy identity-based encryption[C]//Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin,Germany:Springer,2005:457-473.
[5] POURNAGHI S M,BAYAT M,FARJAMI Y.MedSBA:a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption[J].Journal of Ambient Intelligence and Humanized Computing,2020,11(11):4613-4641.
[6] GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2006:89-98.
[7] BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption[C]//Proceedings of the 28th IEEE Conference on Security and Privacy.Washington D.C.,USA:IEEE Press,2007:321-334.
[8] FAN Chuni,HUANG Siming,RUAN Heming.Arbitrary-state attribute-based encryption with dynamic membership[J].IEEE Transactions on Computers,2014,63(8):1951-1961.
[9] YAN Xincheng,CHEN Yue,BA Yang,et al.Updatable attribute encryption scheme supporting dynamic changes of user permissions[J].Computer Research and Development,2020,57(5):1057-1069.(in Chinese)严新成,陈越,巴阳,等.支持用户权限动态变更的可更新属性加密方案[J].计算机研究与发展,2020,57(5):1057-1069.
[10] HUANG Fengming,TU Shanshan,MENG Yuan.Attribute-based encryption scheme supporting outsourcing and revocation in fog computing[J].Computer Engineering,2020,46(5):34-40.(in Chinese)黄凤鸣,涂山山,孟远.雾计算中支持外包与撤销的属性基加密方案[J].计算机工程,2020,46(5):34-40.
[11] QIN Baodong,ZHENG Dong.Generic approach to outsource the decryption of attribute-based encryption in cloud computing[J].IEEE Access,2019,7:42331-42342.
[12] LI Jin,ZHANG Yinghui,CHEN Xiaofeng,et al.Secure attribute-based data sharing for resource-limited users in cloud computing[J].Computers & Security,2018(72):1-12.
[13] ZHOU Jun,CAO Zhenfu,DONG Xiaolei,et al.Security and privacy for cloud-based IoT:challenges[J].IEEE Communications Magazine,2017,55(1):26-33.
[14] CHASE M.Multi-authority attribute based encryption[M].Berlin,Germany:Springer,2007.
[15] ZHENG Lianghan,HE Heng,TONG Qian,et al.A multi-authorization organization access control scheme in cloud environment[J].Computer Science and Exploration,2020,14(11):1865-1878.(in Chinese)郑良汉,何亨,童潜,等.云环境中的多授权机构访问控制方案[J].计算机科学与探索,2020,14(11):1865-1878.
[16] LI Qi,ZHU Hongbo,XIONG Jinbo,et al.An attribute-based access control scheme for traceable multi-authorization agencies in mHealth[J].Journal on Communications,2018,39(6):1-10.(in Chinese)李琦,朱洪波,熊金波,等.mHealth中可追踪多授权机构基于属性的访问控制方案[J].通信学报,2018,39(6):1-10.
[17] LIU Z,JIANG Z L,WANG X,et al.Practical attribute-based encryption:outsourcing decryption,attribute revocation and policy updating[J].Journal of Network and Computer Applications,2018,108:112-123.
[18] FAN Kai,LIU Tingting,ZHANG Kuan,et al.A secure and efficient outsourced computation on data sharing scheme for privacy computing[J].Journal of Parallel and Distributed Computing,2020,135:169-176.
[19] XU Qian,TAN Chengxiang,FAN Zhijie,et al.Secure data access control for fog computing based on multi-authority attribute-based sign cryption with computation outsourcing and attribute revocation[J].Sensors,2018,18(5):1609-1646.
[20] PENG Hongyan,LING Jiao,QIN Shaohua,et al.Attribute-based encryption scheme for edge computing[J].Computer Engineering,2021,47(1):37-43.(in Chinese)彭红艳,凌娇,覃少华,等.面向边缘计算的属性加密方案[J].计算机工程,2021,47(1):37-43.

选择文件类型/文献管理软件名称

选择包含的内容

基于雾节点的分布式属性基加密方案

Distributed Attribute-Based Encryption Scheme Based on Fog Nodes

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献

相关文章 14

编辑推荐

Metrics

本文评价

[1]	张凌云, 陈玉玲. 基于格上密文策略属性基加密的联盟链数据共享方案[J]. 计算机工程, 2023, 49(11): 30-39.
[2]	李晋国, 焦旭斌. 雾计算环境下入侵检测模型研究[J]. 计算机工程, 2022, 48(5): 43-52.
[3]	王静宇, 周雪娟. 一种支持属性撤销的密文策略属性基加密方案[J]. 计算机工程, 2021, 47(7): 95-100.
[4]	彭红艳, 凌娇, 覃少华, 邓剑锋. 面向边缘计算的属性加密方案[J]. 计算机工程, 2021, 47(1): 37-43.
[5]	韩舒艳, 努尔买买提·黑力力. 选择性隐藏树型访问结构的CP-ABE方案[J]. 计算机工程, 2020, 46(7): 150-158.
[6]	朱兰婷, 孙丽珺, 闫杨. 车辆雾计算中基于反向拍卖的停车辅助方案[J]. 计算机工程, 2020, 46(7): 14-20,29.
[7]	黄凤鸣, 涂山山, 孟远. 雾计算中支持外包与撤销的属性基加密方案[J]. 计算机工程, 2020, 46(5): 34-40.
[8]	迪力夏提·吾普尔, 陈成, 努尔买买提·黑力力. 隐藏策略的可验证外包解密OO-CP-ABE访问控制方案[J]. 计算机工程, 2019, 45(10): 166-170.
[9]	谭跃生,鲁黎明,王静宇. 基于安全三方计算的密文策略加密方案[J]. 计算机工程, 2019, 45(1): 115-120,128.
[10]	张玉磊,刘文静,马彦丽,王彩芬. 多属性授权机构环境下属性可撤销的CP-ABE方案[J]. 计算机工程, 2018, 44(8): 19-23,29.
[11]	谭跃生,郉晨烁,王静宇. 一种支持细粒度属性变更的云访问控制方案[J]. 计算机工程, 2018, 44(8): 7-13.
[12]	彭开锋,张席. 适应性安全且支持属性撤销的CP-ABE 方案[J]. 计算机工程, 2015, 41(4): 151-155.
[13]	邓宇乔. 基于动态属性的加密方案[J]. 计算机工程, 2014, 40(4): 136-140.
[14]	马丹丹, 陈勤, 党正芹, 张金漫. 基于多属性机构的密文策略加密机制[J]. 计算机工程, 2012, 38(10): 114-116.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于雾节点的分布式属性基加密方案

Distributed Attribute-Based Encryption Scheme Based on Fog Nodes

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献

相关文章 14

编辑推荐

Metrics

本文评价