Distributed cross-domain authorization and access control method based on attribute password

Abstract

The invention provides a distributed cross-domain authorization and access control method based on an attribute password. The method is mainly used for solving the problems of cross-domain authorization and access control under a large-scale distributed environment. The invention designs a hierarchical attribute-based encryption with controlled key delegation and attribute authorities, supportingdecentralized and controlled security authorization for users of a plurality of domains, preventing abuse of the key delegation, and accordingly achieving non-interactive access control. The method also supports decoding of an external packet, and supports the authorization to the light-weight users for accessing the system.

Description

technical field

[0001] The invention belongs to the field of data security storage and access in the discipline of computer information security, and particularly relates to a distributed cross-domain authorization and access control method in a distributed environment. Background technique

[0002] With the rapid development of computer technology and the Internet, a large amount of data generated every day is stored on computers in digital form. Cloud computing is an emerging technology in which users rent storage and computing resources from a company-provided server (also known as the cloud). Users only need a terminal, smartphone or tablet connected to the Internet. Applications run in the cloud, not on the user's machine. The cloud can store large amounts of data, so mobile users don't have to carry their data with them. Some cloud providers provide application services (eg, Google Apps, Microsoft Online), some provide infrastructure support (eg: Amazon's EC2, Eucal...

Images