Distributed Attribute-Based Encryption Scheme Based on Fog Nodes

doi:10.19678/j.issn.1000-3428.0060063

Computer Engineering ›› 2021, Vol. 47 ›› Issue (6): 38-43. doi: 10.19678/j.issn.1000-3428.0060063

• Hot Topics and Reviews • Previous Articles Next Articles

Distributed Attribute-Based Encryption Scheme Based on Fog Nodes

MA Jiajia¹, ZHANG Zhiqiang¹, CAO Suzhen¹, DOU Fengge¹, DING Xiaohui¹, WANG Caifen²

1. College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China;
2. College of Big Data and Internet, Shenzhen University of Technology, Shenzhen, Guangdong 518118, China

Received:2020-11-20 Revised:2021-01-12 Published:2021-01-22
Contact: 国家自然科学基金（61662069，61662071）。 E-mail:576342353@qq.com

基于雾节点的分布式属性基加密方案

马佳佳¹, 张志强¹, 曹素珍¹, 窦凤鸽¹, 丁晓晖¹, 王彩芬²

1. 西北师范大学计算机科学与工程学院, 兰州 730070;
2. 深圳技术大学大数据与互联网学院, 广东深圳 518118

作者简介:马佳佳(1997-),女,硕士研究生,主研方向为属性基加密;张志强,硕士研究生;曹素珍,副教授、硕士;窦凤鸽、丁晓晖,硕士研究生;王彩芬,教授、博士。

Abstract

Abstract: The existing cloud storage schemes have multiple limitations, including the general division of user rights to access data, fine-grained control access permissions, and single point of failure in single authority.This paper proposes a distributed ciphertext-policy attribute-based encryption scheme based on fog nodes.In the scheme, part of the data decryption operations are outsourced to the fog nodes, reducing the computing overhead of the end users.Different attribute authorities generate attribute keys for users to meet the fine-grained access control requirements, and the attributes of a specific user are bundled together by using the global identity, which effectively prevents collusion attacks among various attribute agencies.At the same time, the introduction of the weight attribute simplifies the access structure and saves system storage space.The scheme is tested with the q-parallel BDHE deterministic problem, and the results have verified the security of the scheme.Compared with the blockchain-based multi-authority access control scheme and the attribute-based access control scheme of mHealth that can track multiple authorities, the proposed scheme reduces the computing overhead of the end users in the decryption phase.

Key words: fog computing, distributed authorization, ciphertext-policy, weight attribute, decryption outsourcing

摘要： 为解决云存储中对用户访问数据权限划分笼统、细粒度化控制访问权限受限以及单授权机构中存在的单点失效问题，提出基于雾节点的分布式密文策略属性基加密方案。将数据的部分解密运算外包给雾节点，减少终端用户的计算开销，并由不同的属性授权机构为用户生成属性密钥，以适用于细粒度的访问控制要求，使用全局身份将属于特定用户的各种属性进行“捆绑”，防止各属性机构间的共谋攻击，同时引入权重属性简化访问结构，节省系统的存储空间。实验结果表明，基于判定性q-parallel BDHE问题证明了该方案的安全性，与基于区块链的多授权机构访问控制方案和mHealth中可追踪多授权机构基于属性的访问控制方案相比，该方案终端用户在解密阶段具有更小的计算开销。

关键词: 雾计算, 分布式授权, 密文策略, 权重属性, 解密外包

CLC Number:

TP391

MA Jiajia, ZHANG Zhiqiang, CAO Suzhen, DOU Fengge, DING Xiaohui, WANG Caifen. Distributed Attribute-Based Encryption Scheme Based on Fog Nodes[J]. Computer Engineering, 2021, 47(6): 38-43.

马佳佳, 张志强, 曹素珍, 窦凤鸽, 丁晓晖, 王彩芬. 基于雾节点的分布式属性基加密方案[J]. 计算机工程, 2021, 47(6): 38-43.

/ Recommend / Download Citations

URL: https://www.ecice06.com/EN/10.19678/j.issn.1000-3428.0060063

https://www.ecice06.com/EN/Y2021/V47/I6/38

Figures/Tables 7

References

[1] BONOMI F,MILITO R,ZHU J,et al.Fog computing and its role in the Internet of Things[C]//Proceedings of MCC'12.New York,USA:ACM Press,2012:13-16.
[2] OKAMOTO T,TAKASHIMA K.Decentralized attribute-based encryption and signatures[J].ICE Transactions on Fundamentals of Electronics Communications and Computer Sciences,2020,103(1):41-73.
[3] MAHESWARI U S,VASANTHANAYAKI C.Secure medical health care content protection system with watermark detection for multi cloud computing environment[J].Multimedia Tools and Applications,2020,79(5):4075-4097.
[4] SAHAI A,WATERS B.Fuzzy identity-based encryption[C]//Proceedings of the 24th Annual International Conference on Theory and Applications of Cryptographic Techniques.Berlin,Germany:Springer,2005:457-473.
[5] POURNAGHI S M,BAYAT M,FARJAMI Y.MedSBA:a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption[J].Journal of Ambient Intelligence and Humanized Computing,2020,11(11):4613-4641.
[6] GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]//Proceedings of the 13th ACM Conference on Computer and Communications Security.New York,USA:ACM Press,2006:89-98.
[7] BETHENCOURT J,SAHAI A,WATERS B.Ciphertext-policy attribute-based encryption[C]//Proceedings of the 28th IEEE Conference on Security and Privacy.Washington D.C.,USA:IEEE Press,2007:321-334.
[8] FAN Chuni,HUANG Siming,RUAN Heming.Arbitrary-state attribute-based encryption with dynamic membership[J].IEEE Transactions on Computers,2014,63(8):1951-1961.
[9] YAN Xincheng,CHEN Yue,BA Yang,et al.Updatable attribute encryption scheme supporting dynamic changes of user permissions[J].Computer Research and Development,2020,57(5):1057-1069.(in Chinese)严新成,陈越,巴阳,等.支持用户权限动态变更的可更新属性加密方案[J].计算机研究与发展,2020,57(5):1057-1069.
[10] HUANG Fengming,TU Shanshan,MENG Yuan.Attribute-based encryption scheme supporting outsourcing and revocation in fog computing[J].Computer Engineering,2020,46(5):34-40.(in Chinese)黄凤鸣,涂山山,孟远.雾计算中支持外包与撤销的属性基加密方案[J].计算机工程,2020,46(5):34-40.
[11] QIN Baodong,ZHENG Dong.Generic approach to outsource the decryption of attribute-based encryption in cloud computing[J].IEEE Access,2019,7:42331-42342.
[12] LI Jin,ZHANG Yinghui,CHEN Xiaofeng,et al.Secure attribute-based data sharing for resource-limited users in cloud computing[J].Computers & Security,2018(72):1-12.
[13] ZHOU Jun,CAO Zhenfu,DONG Xiaolei,et al.Security and privacy for cloud-based IoT:challenges[J].IEEE Communications Magazine,2017,55(1):26-33.
[14] CHASE M.Multi-authority attribute based encryption[M].Berlin,Germany:Springer,2007.
[15] ZHENG Lianghan,HE Heng,TONG Qian,et al.A multi-authorization organization access control scheme in cloud environment[J].Computer Science and Exploration,2020,14(11):1865-1878.(in Chinese)郑良汉,何亨,童潜,等.云环境中的多授权机构访问控制方案[J].计算机科学与探索,2020,14(11):1865-1878.
[16] LI Qi,ZHU Hongbo,XIONG Jinbo,et al.An attribute-based access control scheme for traceable multi-authorization agencies in mHealth[J].Journal on Communications,2018,39(6):1-10.(in Chinese)李琦,朱洪波,熊金波,等.mHealth中可追踪多授权机构基于属性的访问控制方案[J].通信学报,2018,39(6):1-10.
[17] LIU Z,JIANG Z L,WANG X,et al.Practical attribute-based encryption:outsourcing decryption,attribute revocation and policy updating[J].Journal of Network and Computer Applications,2018,108:112-123.
[18] FAN Kai,LIU Tingting,ZHANG Kuan,et al.A secure and efficient outsourced computation on data sharing scheme for privacy computing[J].Journal of Parallel and Distributed Computing,2020,135:169-176.
[19] XU Qian,TAN Chengxiang,FAN Zhijie,et al.Secure data access control for fog computing based on multi-authority attribute-based sign cryption with computation outsourcing and attribute revocation[J].Sensors,2018,18(5):1609-1646.
[20] PENG Hongyan,LING Jiao,QIN Shaohua,et al.Attribute-based encryption scheme for edge computing[J].Computer Engineering,2021,47(1):37-43.(in Chinese)彭红艳,凌娇,覃少华,等.面向边缘计算的属性加密方案[J].计算机工程,2021,47(1):37-43.

Please choose a citation manager

Content to export