云環(huán)境下支持屬性撤銷的訪問控制研究
發(fā)布時間:2018-11-07 20:06
【摘要】:隨著云計算的普及,越來越多的用戶將自己的敏感數(shù)據(jù)外包到云服務(wù)器上.云服務(wù)器負(fù)責(zé)管理和維護(hù)所存儲的數(shù)據(jù),并提供用戶所需要的服務(wù).通過外包數(shù)據(jù)到云服務(wù)器上,用戶能夠享受到高質(zhì)量的數(shù)據(jù)存儲服務(wù).另外,,其他用戶也可以申請訪問存儲在云服務(wù)器上的數(shù)據(jù).這樣,不同的用戶間能夠達(dá)到彼此共享數(shù)據(jù)的目的.然而,在云環(huán)境下用戶不能完全信任云服務(wù)器.此外,用戶希望其他的非法用戶無法訪問自己所存儲的數(shù)據(jù).因此,在數(shù)據(jù)共享時,如何建立一種安全的訪問控制機(jī)制成為亟待解決的難題.訪問控制技術(shù)允許合法用戶成功訪問所需要的數(shù)據(jù).并且,鑒于用戶頻繁地變更,需要提出一種支持用戶和屬性撤銷的訪問控制方案.本文的主要工作有以下幾個方面: 1.研究了現(xiàn)有的各種基于屬性的加密方案,總結(jié)了現(xiàn)有方案的不足,我們所關(guān)注的不足之處主要在于屬性撤銷時的效率問題,同時也包括方案其他方面的不足. 2.基于誠實但好奇的服務(wù)器(honest-but-curious)模型,提出一種高效的支持屬性和用戶撤銷的訪問控制方案.該方案不僅在加密時效率高,并且在密鑰更新時也更加高效.通過嚴(yán)格的安全性分析,證明了提出的方案在誠實但好奇的服務(wù)器模型下是安全的并且可以高效地實現(xiàn)屬性和用戶撤銷.對方案進(jìn)行了效率分析,結(jié)果表明我們的方案是高效的. 3.基于上述屬性撤銷方案,我們提到了另外一種服務(wù)器形式的屬性撤銷問題.因此,在所定義的新的服務(wù)器模型下,為了解決服務(wù)器與用戶勾結(jié)的問題,提出了一種方案,這個方案能夠解決共謀攻擊.
[Abstract]:With the popularity of cloud computing, more and more users outsource their sensitive data to cloud servers. The cloud server is responsible for managing and maintaining the stored data and providing the services required by the user. By outsourcing data to cloud servers, users can enjoy high-quality data storage services. In addition, other users can apply for access to the data stored on the cloud server. In this way, different users can achieve the purpose of sharing data with each other. However, in a cloud environment, users cannot fully trust the cloud server. In addition, users want other illegal users to have no access to their stored data. Therefore, in data sharing, how to establish a secure access control mechanism becomes an urgent problem. Access control technology allows legitimate users to access the required data successfully. Moreover, in view of the frequent changes of users, an access control scheme supporting user and attribute revocation is proposed. The main work of this paper is as follows: 1. This paper studies all kinds of existing attribute-based encryption schemes, summarizes the shortcomings of the existing schemes, and focuses on the efficiency of attribute revocation, as well as the shortcomings of other aspects of the scheme. 2. Based on the honest but curious server (honest-but-curious) model, an efficient access control scheme supporting attribute and user revocation is proposed. This scheme is not only efficient in encryption, but also more efficient in key updating. Through strict security analysis, it is proved that the proposed scheme is secure under the honest but curious server model and can efficiently realize attribute and user revocation. The efficiency of the scheme is analyzed and the results show that our scheme is efficient. 3. Based on the above attribute revocation scheme, we refer to another kind of server property revocation problem. Therefore, in order to solve the problem of collusion between server and user under the new server model, a scheme is proposed, which can solve the collusion attack.
【學(xué)位授予單位】:西安電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP309.7
本文編號:2317434
[Abstract]:With the popularity of cloud computing, more and more users outsource their sensitive data to cloud servers. The cloud server is responsible for managing and maintaining the stored data and providing the services required by the user. By outsourcing data to cloud servers, users can enjoy high-quality data storage services. In addition, other users can apply for access to the data stored on the cloud server. In this way, different users can achieve the purpose of sharing data with each other. However, in a cloud environment, users cannot fully trust the cloud server. In addition, users want other illegal users to have no access to their stored data. Therefore, in data sharing, how to establish a secure access control mechanism becomes an urgent problem. Access control technology allows legitimate users to access the required data successfully. Moreover, in view of the frequent changes of users, an access control scheme supporting user and attribute revocation is proposed. The main work of this paper is as follows: 1. This paper studies all kinds of existing attribute-based encryption schemes, summarizes the shortcomings of the existing schemes, and focuses on the efficiency of attribute revocation, as well as the shortcomings of other aspects of the scheme. 2. Based on the honest but curious server (honest-but-curious) model, an efficient access control scheme supporting attribute and user revocation is proposed. This scheme is not only efficient in encryption, but also more efficient in key updating. Through strict security analysis, it is proved that the proposed scheme is secure under the honest but curious server model and can efficiently realize attribute and user revocation. The efficiency of the scheme is analyzed and the results show that our scheme is efficient. 3. Based on the above attribute revocation scheme, we refer to another kind of server property revocation problem. Therefore, in order to solve the problem of collusion between server and user under the new server model, a scheme is proposed, which can solve the collusion attack.
【學(xué)位授予單位】:西安電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP309.7
【參考文獻(xiàn)】
相關(guān)期刊論文 前2條
1 沈昌祥;張煥國;馮登國;曹珍富;黃繼武;;信息安全綜述[J];中國科學(xué)(E輯:信息科學(xué));2007年02期
2 呂志泉;張敏;馮登國;;云存儲密文訪問控制方案[J];計算機(jī)科學(xué)與探索;2011年09期
本文編號:2317434
本文鏈接:http://sikaile.net/guanlilunwen/ydhl/2317434.html
最近更新
教材專著
