Unlock instant, AI-driven research and patent intelligence for your innovation.

Data storage and access control method based on key derivation

A data storage and access control technology, applied in the field of cloud data storage, can solve the problems of lack, consumption of cloud server resources, difficulty in compatibility between CP-ABE schemes, etc., and achieve the effect of avoiding illegal downloads and ensuring security

Active Publication Date: 2017-07-11
UNIV OF SCI & TECH OF CHINA
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, due to the lack of corresponding compatible cloud access control strategies, CP-ABE is still difficult to be directly deployed in the actual public cloud environment
In the current cloud access control scheme, the cloud server is always assumed to be completely trusted, so it is difficult for these schemes to be compatible with the CP-ABE scheme
Due to the lack of corresponding cloud access control, in the access control scheme based on CP-ABE, the cloud server is always exposed to a variety of security threats, one of the most important security threats is denial of service attack (DoS / DDoS), malicious Users can download files shared by other users on the cloud server without restriction, thus consuming various resources on the cloud server and making the cloud server unable to work normally; in addition, due to the lack of cloud access control, malicious users can download A large number of files can carry out attacks related to ciphertext analysis, threatening the confidentiality of user data

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Data storage and access control method based on key derivation
  • Data storage and access control method based on key derivation
  • Data storage and access control method based on key derivation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0018] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0019] Embodiments of the present invention will be further described in detail below in conjunction with the accompanying drawings, as figure 1 Shown is a schematic flow chart of a data storage and access control method based on key derivation provided by an embodiment of the present invention, and the method includes:

[0020] Step 1. The data owner generates the attribute set {A required for attribute encryption according to the access permissio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a data storage and access control method based on key derivation. The method includes: firstly, a data owner generates an attribute set {A1, A2,..., An} required by attribute encryption and an access strategy A according to the access permission demand of a to-be-uploaded file M; a ciphertext CT is uploaded to a cloud server for storage after encryption processing; the cloud server generates N random character strings {S1, S2,..., SN}, and encrypts the N random character strings by regarding K-bar as the symmetric key and employing a symmetric encryption algorithm; when other users need to obtain the file M stored by the cloud server, the cloud server and the user who initiates a request accomplish a challenge-response process; a data ciphertext EK (M) in the ciphertext CT corresponding to the file M requested by the user is sent to the user; and the user decrypts the EK (M) by employing a random session key K to obtain the required file M. By employing the above method, the access permission for specific users can be effectively determined, malicious users are prevented from illegally downloading cloud storage files, the security of the cloud server and the stored data can be effectively guaranteed, and the loss of cloud resources is prevented.

Description

technical field [0001] The invention relates to the technical field of cloud data storage, in particular to a data storage and access control method based on key derivation. Background technique [0002] At present, in the cloud storage environment, users outsource their data to cloud servers for economic and convenience considerations. In order to protect the confidentiality and privacy of user data, access control is an indispensable means of protection. However, because users cannot fully trust cloud server providers, traditional access control methods cannot be well applied to cloud storage environments. In order to solve this problem, Attribute-Based Encryption (ABE) is introduced into cloud storage. ABE enables data owners to directly control access to their own data, and is an effective means of user-side access control. Among them, policy-associated attribute-based encryption (CP-ABE) is considered to be one of the most suitable means for implementing access control...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L9/32H04L9/06
CPCH04L9/0643H04L9/3271H04L63/0435H04L63/067
Inventor 薛开平石隽陈炜铿李威洪佩琳
Owner UNIV OF SCI & TECH OF CHINA