User timely revocation method based on attribute-based encryption in cloud environment

Attribute-based encryption and cloud-environment technology, applied to user identity/authority verification and key distribution. It addresses the slow revocation of cloud storage users and achieves timely revocation, improved efficiency and reduced workload.

Active Publication Date: 2014-03-05
NANJING UNIV OF POSTS & TELECOMM
7 Cites, 34 Cited by

AI Technical Summary

Problems solved by technology

[0003] The popularity and development of cloud storage has made people pay more and more attention to the data security in it. Due to its own characteristics, attrib

Examples


Example Embodiment

[0100] Example 1

[0101] As shown in Figure 2, the present invention proposes a timely user revocation method based on attribute-based encryption in a cloud environment, which includes the following steps:

[0102] Step 1: System parameter generation;

[0103] The trusted organization first randomly selects generators, generates bilinear groups and bilinear mappings, and generates two pairs of master keys and public keys. The master key is retained and the public key is disclosed;

[0104] Step 2: Generate private key and proxy rekey;

[0105] The user provides relevant information to the trusted organization and applies for a private key; the trusted organization allocates the corresponding data attributes according to the information provided by the user, generates the private key SK_u and sends it to the user; the data owner sends the special attribute set of the file F to the trusted organization, and the trusted organization generates the private key SK_x for it, ...

Example Embodiment

[0174] Example 2

[0175] Suppose a data owner O stores the file F in the CBS, and the user U applies to a trusted organization to obtain a partial private key, and then sends an application for access to the file F to the CPSP. The data owner performs two operations on the file: 1. Revoke the user; 2. Delete the file.

[0176] The specific implementation plan is:

[0177] (1) The trusted organization first randomly selects generators, generates bilinear groups and bilinear mappings, and generates two pairs of master keys and public keys. The master key is retained and the public key is disclosed.

[0178] (2) The data owner selects the attribute set for the file F to construct the access control tree T_A, selects a special attribute set to construct an access control tree T_x, encrypts the file F to generate a ciphertext CT, and sends it to the CPSP.

[0179] (3) CPSP selects a unique ID number for the file, generates a user revocation list of this file, saves the file to CBS, and then...


Abstract

The invention discloses a timely user revocation method based on attribute-based encryption in a cloud environment. The secret key is divided into two parts: one part is sent to the requesting user and the other part is stored by the proxy server. When the requesting user sends an access request to the proxy server, the proxy server recomputes the part of the secret key that it stores, choosing between different recomputation methods according to a revocation list stored in the proxy server, so that decryption succeeds only with the secret keys obtained by legitimate users. With this method, users can be revoked in a timely manner, the key-update operation is transferred to the proxy server, pressure on the authorization mechanism is relieved, the secret keys of other legitimate users do not need to be updated, the proxy server's workload for updating secret keys is reduced, and revocation efficiency is improved.
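The split-key idea in the abstract, as an added example that is not the patent's construction: the page does not give the pairing-based ABE key formulas, so this sketch swaps in ElGamal over a toy prime with the decryption exponent split additively between user and proxy. The names `Authority`, `Proxy`, `issue`, `token` and `demo` are hypothetical, and attributes and access trees are not modelled.

```python
import secrets

# Toy parameters (constructed for this example): ElGamal in Z_p* with a
# 2-of-2 additive split of the decryption exponent. This stands in for the
# patent's pairing-based ABE keys, which the page does not give.
P = 2**127 - 1          # Mersenne prime, far too small for real use
G = 3

class Authority:
    """Trusted organization: holds the master secret, splits it per user."""
    def __init__(self):
        self.s = secrets.randbelow(P - 2) + 1
        self.public = pow(G, self.s, P)

    def issue(self, proxy, user_id):
        user_part = secrets.randbelow(P - 2) + 1
        proxy.parts[user_id] = (self.s - user_part) % (P - 1)
        return user_part                      # sent to the user

class Proxy:
    """Proxy server: keeps the other key part and the revocation list."""
    def __init__(self):
        self.parts, self.revoked = {}, set()

    def token(self, user_id, c1):
        if user_id in self.revoked or user_id not in self.parts:
            # Revoked or unknown: recompute with a fresh random exponent.
            return pow(c1, secrets.randbelow(P - 2) + 1, P)
        return pow(c1, self.parts[user_id], P)

def encrypt(public, m):
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), (m * pow(public, r, P)) % P

def decrypt(user_part, proxy_token, ct):
    c1, c2 = ct
    mask = (pow(c1, user_part, P) * proxy_token) % P
    return (c2 * pow(mask, -1, P)) % P

def demo():
    ta, proxy = Authority(), Proxy()
    alice, bob = ta.issue(proxy, "alice"), ta.issue(proxy, "bob")
    m = int.from_bytes(b"file key", "big")    # constructed sample plaintext
    ct = encrypt(ta.public, m)
    before = decrypt(bob, proxy.token("bob", ct[0]), ct) == m
    proxy.revoked.add("bob")                  # one list update, no re-keying
    after = decrypt(bob, proxy.token("bob", ct[0]), ct) == m
    alice_ok = decrypt(alice, proxy.token("alice", ct[0]), ct) == m
    return before, after, alice_ok
```

Revoking `bob` changes only the proxy's list: his own key part is unchanged but no longer combines to the decryption exponent, while `alice` keeps decrypting with the part she was originally issued.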

Description

Technical field

[0001] The invention relates to the technical field of computer cloud computing security, in particular to a timely user revocation method based on attribute-based encryption in a cloud environment.

Background

[0002] Cloud computing is a computing model that provides dynamically scalable virtualized resources as a service through the Internet. Since its inception, its many advantages have enabled it to be rapidly promoted and developed, and it is favored by more and more enterprises and users. Cloud computing uses software to realize virtualized management, scheduling and application of hardware resources, which greatly reduces maintenance costs and improves resource utilization. Its good flexibility saves users expenses to the greatest extent. Users can customize corresponding services according to their own needs, and its high reliability and security make more enterprises and users willing to store data in the cloud.

[0003] The populari...


Application Information

IPC(8): H04L9/32, H04L9/08, H04L29/08
Inventor: 陈丹伟, 胡浩然, 任勋益, 何利文, 王志伟
Owner NANJING UNIV OF POSTS & TELECOMM