Data access control method and system in cloud storage environment

A data access control technology, applied in the field of network communication, that can solve problems such as illegal use of user data.

Active Publication Date: 2015-10-14
黑龙江航天信息有限公司

AI Technical Summary

Problems solved by technology

[0004] The disadvantages of the prior-art data access method in the cloud storage environment described above are as follows: the cloud service provider may illegally use user data; and the key transfer process in this scheme requires the applicant and the owner to be online at the same time.

Examples

Embodiment 1

[0059] The following first explains the noun symbols that appear in this article:

[0060] DataOwner: data owner

[0061] DataUser: data user

[0062] C_Server: cloud server

[0063] UID: User ID

[0064] FID: file identifier

[0065] HashDataUnit: data hash unit

[0066] DataUnit: data storage unit

[0067] KeyUnit: shared key storage unit

[0068] PKDO: data owner public key

[0069] SKDO: data owner private key

[0070] K: shared key

[0071] CertDU: data user certificate

[0072] PKDU: data user public key

[0073] SKDU: data user private key

[0074] Hash(): hash calculation

[0075] E(M)K: Symmetric encryption of plaintext M using symmetric key K

[0076] E(M)PK: use the public key to encrypt the plaintext M

[0077] D(C)PK: use the private key to decrypt the ciphertext C

[0078] S(v)SK: Use the private key to sign the proof v

[0079] V(s)PK: Use the public key to verify the signature s

[0080] Data: processed data

[0081] isShared: shared type

[0...

Embodiment 2

[0115] This embodiment provides a data access control system in a cloud storage environment. Its specific implementation structure is shown in Figure 5 and may specifically include: the client of the data owner, the client of the data user, and the cloud server.

[0116] The client of the data owner is used to register the personal information of the data owner with the cloud server. When the data owner determines that the data that needs to be uploaded to the cloud server is shared data, the client encrypts the data with a symmetric key and sends the encrypted data, the symmetric key, the hash operation result of the data, and the shared attribute of the data to the cloud server;

[0117] When the data owner determines that the data that needs to be uploaded to the cloud server is non-shared data, the client uses its own public key to encrypt the data, and the encrypted data, the hash operation result of the data and the sharing attribute of the dat...

Abstract

Embodiments of the invention provide a data access control method and system in a cloud storage environment. The method mainly comprises the following steps: a user registers personal information with a cloud server through a client; when a data owner determines that the data to be transmitted to the cloud server is shared data, the client of the data owner uses a symmetric key to encrypt the data, and sends the encrypted data, the symmetric key, a hash operation result of the data and a shared attribute of the data to the cloud server; when the data is not shared data, the client of the data owner uses its own public key to encrypt the data, and sends the encrypted data, the hash operation result of the data and the shared attribute of the data to the cloud server. With this method and system, the confidentiality and integrity of user data are guaranteed and user files are classified by confidentiality, so that authority control under data sharing is better realized and the security of data access control under cloud storage is effectively improved.
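The two upload branches of the abstract and the download-side hash check, as an added example that is not code from the patent. Assumptions: AES-256-GCM, RSA-OAEP and SHA-256 are chosen here because the page names no algorithms; the non-shared branch is written as hybrid encryption (a one-time key wrapped with PKDO) because RSA cannot encrypt data of arbitrary length; the `WrappedKey` field and all function names are hypothetical, and the Python `cryptography` package is required.

```python
import hashlib
import hmac
import os
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def new_owner_keypair():
    """Generate (SKDO, PKDO) for the data owner."""
    sk_do = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return sk_do, sk_do.public_key()

def prepare_upload(data: bytes, is_shared: bool, pk_do=None) -> dict:
    """Build the record the owner's client sends to C_Server."""
    k = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    record = {
        "DataUnit": nonce + AESGCM(k).encrypt(nonce, data, None),
        "HashDataUnit": hashlib.sha256(data).hexdigest(),  # Hash(Data)
        "isShared": is_shared,
    }
    if is_shared:
        record["KeyUnit"] = k  # shared branch: K travels with the upload
    else:
        # Assumption: hybrid form of "encrypt with the owner's public key";
        # only the holder of SKDO can unwrap the one-time key.
        record["WrappedKey"] = pk_do.encrypt(k, OAEP)
    return record

def open_record(record: dict, sk_do=None) -> bytes:
    """Decrypt a downloaded record and check it against HashDataUnit."""
    if record["isShared"]:
        k = record["KeyUnit"]
    else:
        k = sk_do.decrypt(record["WrappedKey"], OAEP)
    blob = record["DataUnit"]
    data = AESGCM(k).decrypt(blob[:12], blob[12:], None)
    digest = hashlib.sha256(data).hexdigest()
    if not hmac.compare_digest(digest, record["HashDataUnit"]):
        raise ValueError("HashDataUnit mismatch: data altered in storage")
    return data
```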

Description

Technical field

[0001] The invention relates to the technical field of network communication, in particular to a data access control method and system in a cloud storage environment.

Background technique

[0002] With the advent of the big data era, cloud storage has become an inevitable trend in future storage development. Different users upload their files to the cloud, and cloud storage providers provide unified data storage and business access to ensure data security and performance and save storage space. Data owners can authorize other users to download and use their own files, and realize collaborative work among different users through sharing and data synchronization. Although cloud storage can easily realize the synchronization and sharing of user data on different devices, saving costs, there are also huge security risks in storing these private user data in public cloud storage.

[0003] A data access method in a cloud storage environment in the prior ar...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/08, H04L29/06, G06F17/30
Inventor: 梁睿耿方郭向国张先强
Owner: 黑龙江航天信息有限公司