高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

多云服务提供者环境下的一种用户密钥撤销方法

李拴保 王雪瑞 傅建明 张焕国

李拴保, 王雪瑞, 傅建明, 张焕国. 多云服务提供者环境下的一种用户密钥撤销方法[J]. 电子与信息学报, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205
引用本文: 李拴保, 王雪瑞, 傅建明, 张焕国. 多云服务提供者环境下的一种用户密钥撤销方法[J]. 电子与信息学报, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205
Li Shuan-bao, Wang Xue-rui, Fu Jian-ming, Zhang Huan-guo. User Key Revocation Method for Multi-cloud Service Providers[J]. Journal of Electronics & Information Technology, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205
Citation: Li Shuan-bao, Wang Xue-rui, Fu Jian-ming, Zhang Huan-guo. User Key Revocation Method for Multi-cloud Service Providers[J]. Journal of Electronics & Information Technology, 2015, 37(9): 2225-2231. doi: 10.11999/JEIT150205

多云服务提供者环境下的一种用户密钥撤销方法

doi: 10.11999/JEIT150205
基金项目: 

国家自然科学基金(61373168, 61202387),教育部高等学校博士学科点专项科研基金(20120141110002)和河南省软科学研究基金(132400410165, 142400410263, 142400410267, 142400411039)

User Key Revocation Method for Multi-cloud Service Providers

  • 摘要: 密钥信息泄露是互联云服务难题之一,为解决该问题,该文提出一种基于属性环签名的用户密钥撤销方案。该方案以互联云的用户密文访问方法为研究对象,论述了无属性泄露的密文矩阵映射机制,多授权者自主扩展属性集生成密钥,从而令云服务提供者(CSP)无法获得用户完整属性,达到消除属性存储负载的目的。另外,该方案以撤销环与单调张成算法为基础设计用户签名验证撤销机制,令CSP、授权者与用户共同组成属性环,接受CSP定义密文访问结构,用户签名只有通过源CSP验证才能访问密文,授权者撤销部分属性失效用户解密密钥,从而达到权限撤销不影响其它用户访问的目的。该方案以密文策略属性基加密(CP-ABE)与单调张成算法为基础设计多用户组合属性共谋抵抗机制,用以保护属性的机密性。最后,给出该方案通信成本和计算效率的性能分析,用以验证该方法的有效性。
  • Buyya R, Ranjan R, and Calheiros N R. InterCloud: utility- oriented federation of cloud computing environments for scaling of application services[C]. Proceedings of Algorithms and Architectures for Parallel Processing, Berlin, 2010: 13-31.
    李拴保, 傅建明, 张焕国. 环境下基于环签密的用户身份属性保护方案[J]. 通信学报,2014, 35(9): 99-111.
    Li Shuan-bao, Fu Jian-ming, and Zhang Huan-guo. Scheme on user identity attribute preserving based on ring signcryption for cloud computing[J]. Journal on Communications, 2014, 35(9): 99-111.
    冯登国, 张敏, 杨妍妍. 云计算安全研究[J]. 软件学报, 2011, 22(1): 71-83.
    Feng Deng-guo, Zhang Min, and Yang Yan-yan. Study on cloud computing security[J]. Journal of Software, 2011, 22(1): 71-83.
    Liu D Y W, Liu J K, and Mu Y. Revocable ring signature[J]. Journal of Computer Science and Technology, 2007, 12(6): 785-794.
    Chuang I-hsun and Li Syuan-hao. An effective privacy protection scheme for cloud computing[C]. Proceedings of Advanced Communication Technology, Gangwon-Do, 2011: 260-265.
    Wang Guo-jun and Liu Qin. Hierarchical attribute-based encryption for fine-grained access control in cloud storage services[C]. Proceedings of Computer and Communications Security, Pairs, 2010: 735-737.
    Sherman S M C and He Yi-jun. Simple privacy-preserving identity-management for cloud environment[C]. Proceedings of Applied Cryptography and Network Necurity, Berlin, 2012: 526-543.
    Mao Shao-wu and Zhang Huan-guo. A resistant quantum key exchange protocol and its corresponding encryption scheme [J]. China Communications, 2014, 11(9): 12-23.
    张倩颖, 冯登国, 赵世军. 基于可信芯片的平台身份证明方案研究[J]. 通信学报,2014, 35(8): 95-106.
    Zhang Qian-ying, Feng Deng-guo, and Zhao Shi-jun. Research of platform identity attestation based on trusted chip[J]. Journal on Communications, 2014, 35(8): 95-106.
    冯登国, 张敏, 李昊. 大数据隐私与安全保护[J]. 计算机学报, 2014, 37(1): 246-258.
    Feng Den-guo, Zhang Min, and Li Hao. Big data privacy and security protection[J]. Journal of Computer, 2014, 37(1): 246-258.
    Yu Shu-cheng and Wang Cong. Achieving secure, scalable, and fine-grained data access control in cloud computing[C]. Proceedings of Computer Communications, Pairs, 2010b: 15-19.
    Yu Shu-cheng and Wang Cong. Attribute based data sharing with attribute revocation[C]. Proceedings of Information, Computer and Communications Security, Pairs, 2010a: 261-270.
    Wang Guo-jun and Liu Qin. Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers[J]. Computers Security, 2011, 30(3): 320-331.
    Wei Li-fei and Zhu Hao-jin. Security and privacy for storage and computation in cloud computing[J]. Information Sciences, 2014, 258: 371-386.
    Adeela W and Asad R. A framework for preservation of cloud users data privacy using dynamic reconstruction of metadata [J]. Journal of Network and Computer Applications, 2013, 36(2): 235-248.
    Dan B and Matt F. Identity-based encryption from the weil pairing[C]. Proceedings of Cryptology, Berlin, 2001: 213-229.
    Zhang Yan, Feng Deng-guo, and Zhang Zheng-feng. On the security of an efficient attribute-based signature[C]. Proceedings of Network and System Security, Berlin, 2013: 381-392.
    Lewko A and Waters B. Decentralizing attribute-based encryption[C]. Proceedings of EUROCRYPT, Paterson, 2011: 568-588.
    Bethencourt J, Sahai A, and Waters B. Ciphertext-policy attribute-based encryption[C]. Proceedings of the IEEE Security and Privacy, Paris, 2007: 321-334.
    Shamir A. How to share secret[J]. Communication of Association for Computing Machinery, 2002, 40(11): 612-613.
  • 加载中
计量
  • 文章访问数:  1285
  • HTML全文浏览量:  108
  • PDF下载量:  486
  • 被引次数: 0
出版历程
  • 收稿日期:  2015-02-03
  • 修回日期:  2015-05-18
  • 刊出日期:  2015-09-19

目录

    /

    返回文章
    返回