
A method for reclaiming user access rights in a cloud storage environment

An access-rights reclamation and cloud storage technology, applied in the fields of computer storage technology and information security, that addresses problems such as security risks and the performance overhead of data re-encryption, with the effect of avoiding those security risks and reducing performance overhead.

Active Publication Date: 2017-01-25
HUAZHONG UNIV OF SCI & TECH

AI Technical Summary

Problems solved by technology

[0003] In view of the above defects or improvement needs of the prior art, the present invention provides a method for reclaiming user access rights in a cloud storage environment. Its purpose is to reclaim user rights immediately through random processing of the ciphertext in the cloud, solving the security risks of existing user-rights reclamation and the huge performance overhead caused by re-encrypting data.


Examples


Embodiment Construction

[0051] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention. In addition, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not constitute a conflict with each other.

[0052] The technical terms of the present invention are first explained below:

[0053] Original file: refers to the unencrypted file;

[0054] Identity certificate: a data structure that marks the user's identity characteristics, used for user identity judgment and access control to judge whether the user has access rights;

[0055] Symmetric encryption mechanism: E...


Abstract

The invention discloses a user access right revoking method in a cloud storage environment. The method solves the problems that, in existing cloud environments, revoking a user's rights causes potential safety hazards and re-encrypting data causes performance overhead. The method comprises a client side process, a cloud storage system process and a safety management center process. The cloud storage system manages and updates the token chain, notifies the safety management center of the distribution of secret keys and tokens, places ciphertext in an interference block for processing, and judges and replies to user access requests. The safety management center handles user registration and login, granting and revoking of rights, secret key management and distribution, and user token distribution. The method applies interference processing to the ciphertext through a token mechanism and adopts an immediate revoking mechanism: when a user's right is revoked, the token is updated immediately and the ciphertext is subjected to re-interference processing, which avoids the potential safety hazards that arise when rights are revoked under a non-immediate revoking mechanism. The data do not need to be re-encrypted, so the performance overhead of the system is greatly reduced.

Description

Technical field

[0001] The invention belongs to the field of computer storage technology and information security technology, and more specifically relates to a method for reclaiming user access rights in a cloud storage environment.

Background technique

[0002] While cloud storage systems provide users with data storage and business services, the security of cloud data has always been an important issue of particular concern to users and business managers. To protect the privacy of user data, current cloud storage security frameworks generally encrypt data before storing it; cloud service providers use corresponding access control policies to determine whether users have legitimate access rights to the data, with key management and distribution handled by a trusted third party. Although this has strengthened the security of cloud data to a certain extent, storing data as ciphertext also causes new problems. When it is necessary to change the user's acce...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L29/08
Inventor: 李春花, 周可, 吴泽邦, 魏荣磊, 边泽明, 杨勇, 张彦哲
Owner: HUAZHONG UNIV OF SCI & TECH