Cloud storage access control method based on attribute-based encryption

An attribute-based encryption and access control technology, applied in the field of cloud storage, can solve the problems of centralized decision-making being vulnerable to attacks, affecting system operation efficiency, and increasing the complexity of the policy parsing process. The effect of privacy security and fine-grained control

Inactive Publication Date: 2018-03-27
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF3 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are many problems in the existing technology: First, the existing cloud storage access control completely relies on the central decision-making body in the access control framework, and the credibility of the central decision-making body is not high, and the way of centralized decision-making is easier Under attack, user data security cannot be guaranteed
Second, when the number of...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud storage access control method based on attribute-based encryption

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The present invention will be described in detail below in conjunction with specific examples.

[0028] The present invention is a cloud storage access control method based on attribute set encryption, specifically:

[0029] ●Formulation of standardized access control policies and mutual conversion with CP-ABE policies:

[0030] Develop an access control policy. The access control of user files is defined by the file owner by formulating the access policy of the file. The existing common method is to use a markup language to express the access policy, and analyze the access policy of the file when using it. Access control decisions. The attribute-based access control method uses standardized access control policy rules to define user policies. This example adopts the policy definition rules in the OASIS XACML standard. The definition rules identify the subject (Subject), accessed resources (Resource) and executed Action (Action) and attribute value (AttributeValue) o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a cloud storage access control method based on attribute-based encryption. The specific process is as follows: firstly, defining an access control policy of a file, and storingthe access policy information of the file in the access control policy; secondly, performing primary encryption on the file by using a symmetric encryption algorithm; thirdly, extracting attributes ina standard policy, converting the attributes into the form of character strings necessary for CP-ABE according to the semantics, and receiving, by the CP-ABE, the character strings to serve as an attribute set; finally, performing secondary encryption on a symmetric key used in symmetrical encryption through the attribute set by adopting an attribute-based encryption algorithm, and storing the cipher corresponding to the key; and when the user needs to access the file stored in the encryption manner, firstly, decrypting the cipher of the symmetric key used for encrypting the file according tothe attribute information of the user to obtain the symmetric key, and then performing decryption access on the encrypted file by using the symmetric key. The method provides a dynamically scalable and efficient access control mechanism for user data.

Description

technical field [0001] The invention belongs to the technical field of cloud storage, and in particular relates to a cloud storage access control method based on attribute-based encryption. Background technique [0002] With the development of cloud storage technology, researchers have conducted research on access control, cryptography and other aspects according to the characteristics of cloud storage. At present, research on cloud storage access control is mainly divided into three aspects: research on access control models, research on cryptography, and research on secure cloud storage. [0003] Access control model: [0004] Access control refers to the restriction of the authority or ability of the access subject to access the target object according to its own needs, so as to ensure the effective management and use of data resources within the legal scope. According to different application scenarios, various access control models have been proposed. Role-based acce...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0435H04L63/0478H04L63/06H04L63/10H04L63/205H04L67/1097
Inventor 王勇薛静锋杨亚峰张继刘振岩孙青煜向柯宇
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap