Encryption system supporting fine-grained access control

An access control and encryption system technology, applied in the field of information security, that addresses problems such as high overhead, poor security, and complex cloud storage server management, and achieves reduced ciphertext storage space, fine-grained access control, and improved overall performance.

Inactive Publication Date: 2016-11-09
杨炳

AI Technical Summary

Problems solved by technology

In this case, a malicious key generation center can decrypt all ciphertexts of any user; moreover, the key generation center may maliciously distribute the user's private key.
At the same time, on a cloud computing platform, users cannot trust the cloud service provider to faithfully enforce the user-defined access control scheme, so security is poor.
In addition, attribute-based encryption schemes impose high encryption and decryption computation overhead on data owners and ordinary users in the cloud storage environment, do not support fine-grained access control, and make cloud storage server management complicated because of the flexibility of access control.


Examples


Embodiment 1

[0046] Referring to Figure 1 and Figure 2, the encryption system supporting fine-grained access control in this embodiment includes cloud storage server 1, plaintext preprocessor 2, management terminal 3 operated by the authorization center, and client 4 operated by the data owner and shared user:

[0047] (1) Cloud storage server 1, used to provide data storage services to accessing users and to control external users' access to the cloud storage server;

[0048] (2) The management terminal 2 operated by the authorization center is used to generate the initial public parameters and master key of the system. On receiving a request from an accessing user, it distributes the system public parameters to the client 4 operated by the data owner and shared user, generates a corresponding private key for each accessing user, and participates in the connection between the cloud storage server 1 and the accessing users connected through the client 4 run by the data owner and shared user at ...

Embodiment 2

[0079] Referring to Figure 1 and Figure 2, the encryption system supporting fine-grained access control in this embodiment includes cloud storage server 1, plaintext preprocessor 2, management terminal 3 operated by the authorization center, and client 4 operated by the data owner and shared user:

[0080] (1) Cloud storage server 1, used to provide data storage services to accessing users and to control external users' access to the cloud storage server;

[0081] (2) The management terminal 2 operated by the authorization center is used to generate the initial public parameters and master key of the system. On receiving a request from an accessing user, it distributes the system public parameters to the client 4 operated by the data owner and shared user, generates a corresponding private key for each accessing user, and participates in the connection between the cloud storage server 1 and the accessing users connected through the client 4 run by the data owner and shared user at ...

Embodiment 3

[0112] Referring to Figure 1 and Figure 2, the encryption system supporting fine-grained access control in this embodiment includes cloud storage server 1, plaintext preprocessor 2, management terminal 3 operated by the authorization center, and client 4 operated by the data owner and shared user:

[0113] (1) Cloud storage server 1, used to provide data storage services to accessing users and to control external users' access to the cloud storage server;

[0114] (2) The management terminal 2 operated by the authorization center is used to generate the initial public parameters and master key of the system. On receiving a request from an accessing user, it distributes the system public parameters to the client 4 operated by the data owner and shared user, generates a corresponding private key for each accessing user, and participates in the connection between the cloud storage server 1 and the accessing users connected through the client 4 run by the data owner and shared user at ...


Abstract

The invention discloses an encryption system supporting fine-grained access control. The encryption system comprises a cloud storage server, a plaintext preprocessor, a management end run by an authentication center and a client run by a data owner and a shared user. According to the encryption system, the computation cost for encryption and decryption of the data owner and the user can be effectively reduced, and the fine-grained access control is realized; the plaintext information after encoding is divided into different access levels according to an access structure tree, so that the efficiency for access control is improved, and furthermore, the plaintext information is encoded by utilizing a code division multiplexing technology, so that the ciphertext storage space is reduced and the overall performance of the system is improved.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to an encryption system that supports fine-grained access control.

Background art

[0002] Existing cloud computing platforms can adopt traditional attribute-based encryption schemes. Attribute-based encryption schemes can be regarded as a generalization and extension of identity-based cryptosystems. More specifically, attribute-based encryption schemes can be obtained by adding the concept of an access structure to identity-based cryptosystems. But the attribute-based encryption scheme inherits the key escrow problem from the identity-based cryptosystem, that is, all users' private keys are generated and distributed through a fully trusted key generation center. In this case, a malicious key generation center can decrypt all ciphertexts of any user; moreover, the key generation center may maliciously distribute the user's private key. At the same time, on the clo...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L29/08
CPC: H04L63/10, H04L63/0428, H04L67/1097
Inventor: not disclosed (name withheld from publication)
Owner: 杨炳