| 支持属性撤销的策略隐藏与层次化访问控制 |
| |
| 引用本文: | 张 赛,杨 庚,韩亚梅,屠袁飞.支持属性撤销的策略隐藏与层次化访问控制[J].计算机工程与应用,2017,53(4):51-58. |
| |
| 作者姓名: | 张 赛 杨 庚 韩亚梅 屠袁飞 |
| |
| 作者单位: | 南京邮电大学 计算机学院,南京 210003 |
| |
| 摘 要: | 在属性加密方案中,访问策略中可能包含一些敏感信息,如何在具备丰富的策略表示能力的同时实现访问策略的隐藏已成为云计算环境中亟待解决的问题之一。另外,考虑到在系统中用户的属性会有经常性的变更,属性撤销也成为近年来研究的一个热点。提出一种基于属性策略隐藏的层次化访问控制方案,融合代理重加密技术和CP-ABE方案,解决属性撤销的问题。与之前的方案相比,既保护了策略的隐私,又具有较灵活的访问控制能力,并且引入层次化授权结构,减少了单一授权的负担和风险,提高了安全性。
|
| 关 键 词: | 云计算 CP-ABE 访问控制 隐藏策略 属性撤销 |
Attribute-based hierarchical access control with hidden policy supporting attribute revocation |
| |
| ZHANG Sai,YANG Geng,HAN Yamei,TU Yuanfei.Attribute-based hierarchical access control with hidden policy supporting attribute revocation[J].Computer Engineering and Applications,2017,53(4):51-58. |
| |
| Authors: | ZHANG Sai YANG Geng HAN Yamei TU Yuanfei |
| |
| Affiliation: | College of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing 210003, China |
| |
| Abstract: | In attribute-based encryption schemes, access policy may contain some sensitive information, how to achieve policy hidden and have abundant expressive ability of access policy at the same time is one of the urgent problems in the cloud computing environment. Users’ attributes often change in the system, so attribute revocation has become a hot spot of research in recent years. In this paper, a hierarchical access control scheme with hidden policy is proposed. To solve the problem of attribute revocation, the technique of proxy re-encryption is integrated into CP-ABE scheme. Compared with the previous schemes, the scheme both protect the policy and has flexible access control capability. Furthermore, the hierarchical authorization structure which reduces the burden and risk in the case of one single authority making the scheme secure. |
| |
| Keywords: | cloud computing CP-ABE access control hidden policy attribute revocation |
|
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
