A timely user revocation method based on attribute-based encryption in cloud environment

An attribute-based encryption technology for cloud environments, applied to user identity/authority verification and key distribution. It solves the problem of slow revocation of cloud storage users and achieves timely revocation, reduced pressure on the authority and a reduced workload.

Active Publication Date: 2016-11-30
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

[0003] The popularity and development of cloud storage has made people pay more and more attention to the security of the data held in it. Owing to its characteristics, attribute-based encryption is well suited to access control for large user populations such as those of cloud storage. The problem addressed is that user revocation in cloud storage is very slow.



Examples


Embodiment 1

[0101] As shown in Figure 2, the present invention proposes a timely user revocation method based on attribute-based encryption in a cloud environment, which includes the following steps:

[0102] Step 1: System parameter generation;

[0103] The trusted organization first randomly selects generators, generates bilinear groups and bilinear maps, and generates two pairs of master keys and public keys. The master key is reserved and the public key is made public;

[0104] Step 2: Generate private key and proxy key;

[0105] The user provides relevant information to the trusted organization and applies for access to the private key; the trusted organization assigns the corresponding data attributes according to the information provided by the user, generates the private key SK_u and sends it to the user; the data owner sends the special attribute set of the file F to the trusted organization, and the trusted organization generates the private key SK_x for it, and g...

Embodiment 2

[0175] Assuming that a data owner O stores file F in CBS, user U applies to a trusted institution for partial private keys, and then sends an access request to CPSP for file F. The data owner performs two operations on the file: 1. Revoke the user; 2. Delete the file.

[0176] Its specific implementation plan is:

[0177] (1) The trusted organization first randomly selects generators, generates bilinear groups and bilinear maps, and generates two pairs of master keys and public keys. The master key is reserved and the public key is made public.

[0178] (2) The data owner selects the attribute set for the file F to construct the access control tree T_A, selects a special attribute set to construct an access control tree T_x, encrypts file F to generate ciphertext CT, and sends it to CPSP.

[0179] (3) CPSP selects a unique ID number for the file, generates a user revocation list for the file, saves the file to CBS, and then returns the ID number to the data owner.

[0180] ...


Abstract

The invention discloses a timely user revocation method based on attribute-based encryption in a cloud environment. The method divides the key into two parts: one is sent to the requesting user, and the other is saved by the proxy server. When the requesting user sends an access request to the proxy server, the proxy server recalculates the part of the key it stores, selecting a different recalculation method according to its stored revocation list, so that only the keys obtained by legitimate users can decrypt. The invention not only realizes timely revocation of users, it also transfers the key update work to the proxy server, which reduces the pressure on the authority; the keys of other legitimate users do not need to be updated, which reduces the proxy server's key update workload and improves revocation efficiency.
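A minimal sketch of the split-key revocation idea in the abstract, added here as an illustration and not taken from the patent. It substitutes toy ElGamal over a prime field for the patent's bilinear-pairing ABE construction, and all names (`Authority`, `Proxy`, `access`, the parameters `P` and `G`) are assumptions.

```python
import secrets

# Toy parameters, constructed for illustration only: NOT secure, and not the
# bilinear group the patent uses.
P = 2**127 - 1   # a Mersenne prime
G = 3

class Authority:
    """Trusted organization: keeps the master key and splits it per user."""
    def __init__(self):
        self.x = secrets.randbelow(P - 2) + 1     # master key (kept secret)
        self.h = pow(G, self.x, P)                # public key
    def issue(self, user_id, proxy):
        x_u = secrets.randbelow(P - 1)            # part sent to the user
        proxy.shares[user_id] = (self.x - x_u) % (P - 1)  # part kept by the proxy
        return x_u

class Proxy:
    """Proxy server: stores its key parts and the revocation list."""
    def __init__(self):
        self.shares, self.revoked = {}, set()
    def access(self, user_id, c1):
        if user_id in self.revoked:
            # Revoked user: recalculate with a fresh random exponent, so the
            # returned value no longer combines with the user's part.
            return pow(c1, secrets.randbelow(P - 2) + 1, P)
        return pow(c1, self.shares[user_id], P)

def encrypt(h, m):
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), (m * pow(h, r, P)) % P

def decrypt(x_u, token, ct):
    c1, c2 = ct
    mask = (token * pow(c1, x_u, P)) % P   # equals h^r only with a valid token
    return (c2 * pow(mask, -1, P)) % P

def demo():
    ta, proxy = Authority(), Proxy()
    alice, bob = ta.issue("alice", proxy), ta.issue("bob", proxy)
    ct = encrypt(ta.h, 424242)
    before = decrypt(alice, proxy.access("alice", ct[0]), ct)
    proxy.revoked.add("alice")             # takes effect on the next request
    after = decrypt(alice, proxy.access("alice", ct[0]), ct)
    bob_pt = decrypt(bob, proxy.access("bob", ct[0]), ct)  # Bob's key unchanged
    return before, after, bob_pt

if __name__ == "__main__":
    print(demo())
```

Revocation here is a single list update at the proxy: no ciphertext is re-encrypted and no other user's key part is reissued, which is the efficiency property the abstract claims.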

Description

Technical field

[0001] The invention relates to the technical field of computer cloud computing security, in particular to a timely user revocation method based on attribute-based encryption in a cloud environment.

Background technique

[0002] Cloud computing is a computing model that provides dynamically scalable virtualized resources as a service through the Internet. Since its inception, its many advantages have enabled it to be rapidly promoted and developed, and it is favored by more and more enterprises and users. Cloud computing uses software to realize virtualized management, scheduling and application of hardware resources, which greatly reduces maintenance costs and improves resource utilization. Its good flexibility saves users expenses to the greatest extent. Users can customize corresponding services according to their own needs, and its high reliability and security make more enterprises and users willing to store data in the cloud.

[0003] The populari...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/32, H04L9/08, H04L29/08
Inventor: 陈丹伟, 胡浩然, 任勋益, 何利文, 王志伟
Owner: NANJING UNIV OF POSTS & TELECOMM