
Cloud storage access control system based on attribute

An access control and access control strategy technology, applied in transmission systems, electrical components, etc., that can solve the problems of high data encryption and decryption overhead, inability to provide encryption protection for user privacy data, and low performance of access control systems, with the effects of increasing the difficulty, preventing leakage, and improving safety.

Active Publication Date: 2013-09-25
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

[0004] An attribute-based access control system using a ciphertext policy, built on the above-mentioned cryptographic system, can combine data encryption with an attribute-based access control policy. In practical applications, however, not all data needs to be encrypted before storage. When the amount of data is large, the overhead of directly encrypting and decrypting the data is high and the performance of the access control system is low. The existing ciphertext-policy attribute-based access control solutions therefore cannot provide fine-grained, dynamic, scalable, and efficient access control while ensuring the security of user data and privacy.

[0005] XACML (eXtensible Access Control Markup Language) is a language for describing policies and access control proposed by OASIS (Organization for the Advancement of Structured Information Standards). An access control framework implemented on XACML and applied to web services provides fine-grained, dynamic, scalable, and efficient ABAC (Attribute Based Access Control), but cannot provide encryption protection for user privacy data.


Embodiment Construction

[0047] The present invention will be described in further detail below with reference to the accompanying drawing:

[0048] Referring to figure 1, the present invention includes five units: a security token unit 1, a subject information management unit 2, an access control unit 3, an attribute-based encryption and decryption unit 4 and a cloud storage unit 5. Of these:

[0049] The security token service 1 has two functions. The first is to receive the identity authentication request sent by the user, returning a token response to the user if authentication succeeds and an authentication failure response if it does not; the second is to receive the token verification request of the access control unit 3: if the token is valid, the user identity information corresponding to the token is sent to the access control unit 3, and if the token is invalid, a token verification invalid response is sent to the access co...
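The token flow of paragraph [0049], followed by an attribute-based decision, as an added Python example that is not part of the patent text. The class names, the "TokenInvalid" label, the equality-match policy format and the in-memory attribute store standing in for the subject information management unit 2 are assumptions; the users, passwords, attributes and policy are constructed sample data.

```python
import hashlib, hmac, secrets

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class SecurityTokenService:
    """Unit 1: authenticates users, issues tokens, verifies tokens."""
    def __init__(self, credentials):
        self._credentials = credentials    # user -> (salt, password hash)
        self._tokens = {}                  # token -> user identity

    def authenticate(self, user, password):
        salt, stored = self._credentials.get(user, (b"\0" * 16, b""))
        candidate = hash_password(password, salt)  # also run for unknown users
        if not hmac.compare_digest(candidate, stored):
            return None                    # authentication failure response
        token = secrets.token_urlsafe(32)  # unguessable opaque token
        self._tokens[token] = user
        return token                       # token response

    def verify(self, token):
        return self._tokens.get(token)     # identity, or None if invalid

class AccessControlUnit:
    """Unit 3: checks the token with unit 1, then decides on attributes."""
    def __init__(self, sts, subject_attributes, policies):
        self._sts = sts
        self._attributes = subject_attributes  # assumed stand-in for unit 2
        self._policies = policies              # resource -> required attributes

    def decide(self, token, resource):
        user = self._sts.verify(token)
        if user is None:
            return "TokenInvalid"          # hypothetical label for the invalid response
        required = self._policies.get(resource)  # missing or empty: default deny
        attrs = self._attributes.get(user, {})
        ok = bool(required) and all(attrs.get(k) == v for k, v in required.items())
        return "Permit" if ok else "Deny"

def build_demo():
    """Constructed sample users, attributes and policy (not from the patent)."""
    salt = secrets.token_bytes(16)
    passwords = {"alice": "sample-pw-1", "bob": "sample-pw-2"}
    creds = {u: (salt, hash_password(p, salt)) for u, p in passwords.items()}
    attrs = {"alice": {"dept": "research"}, "bob": {"dept": "sales"}}
    policies = {"report.pdf": {"dept": "research"}}
    sts = SecurityTokenService(creds)
    return sts, AccessControlUnit(sts, attrs, policies)
```

The access control unit never sees a password: it holds only the token and learns the identity from the token service, so a forged or unknown token stops the request before any attribute is evaluated.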


Abstract

The invention provides an attribute-based cloud storage access control system. The system comprises a security token unit (1), a main body information management unit (2), an access control unit (3), an attribute-based encryption and decryption unit (4) and a cloud storage unit (5). The security token unit (1) performs identity authentication, token distribution and token verification. The main body information management unit (2) generates the user private key and stores user attribute information, the user private key, and the symmetric keys after encryption with an access control policy. The access control unit (3) performs attribute-based access control and lets users customize the access control policy. The attribute-based encryption and decryption unit (4) encrypts and decrypts files, and uses the access control policy and the user private key to encrypt and decrypt the symmetric keys. The cloud storage unit (5) stores plaintext and ciphertext. The system has the advantages of being fine-grained, real-time, dynamic, extensible, safe and the like, and can be used for access control in the cloud storage environment.

Description

Technical field

[0001] The invention belongs to the technical field of network and information security, and relates to data access control technology, specifically a cloud storage access control system that introduces attribute-based encryption under the XACML framework, provides access control to data and ensures data confidentiality.

Background technique

[0002] Cloud storage is an emerging cloud service that has emerged in the past two years. Users can access the Internet anytime, anywhere, and use handheld mobile terminals or PCs to access their personal files at a very fast speed. It has therefore received extensive support and application. However, while it is convenient to use, cloud storage has also aroused widespread concern among users about data security and privacy protection. In 2009, many well-known cloud storage service providers such as Amazon, Google, LinkUp, etc. had user data and privacy leakage security issues, and caused serious co...


Application Information

IPC(8): H04L29/06, H04L29/08
Inventor: 李辰楠, 马建峰, 王蕾, 马卓, 牛德华
Owner: XIDIAN UNIV