Multifunctional fine-grained access control method for cloud storage

A fine-grained access control technology, applied in the field of information security, that achieves good scalability and comprehensive functionality

Active Publication Date: 2019-01-18
陕西链诚致远科技有限公司

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to address the shortcomings of the above-mentioned existing solutions, based on prime-order groups and large attribute domains...



Examples


Embodiment 1

[0039] In recent years, cloud storage technology has been widely used in business, education, medical and other fields due to its convenience and low cost. With the in-depth application of cloud storage technology, data access control has become more and more important in the cloud environment. Ciphertext-policy attribute-based encryption (CP-ABE) is very suitable for data access control. Since the first CP-ABE scheme was proposed by Bethencourt et al. in 2007, CP-ABE has been extended in many functional directions, including hidden access structures, computation outsourcing, searchable encryption, attribute revocation, traitor tracing and multiple attribute authorities. There has been a lot of research in these areas, but the latest multi-authority CP-ABE schemes each focus on different functions, such as privacy protection or verifiability. Based on this, the present invention proposes a multifunctional fine-grained access control method suitable for...

Embodiment 2

[0065] The multifunctional fine-grained access control method applicable to cloud storage is the same as that in Embodiment 1. Referring to Figure 2, the key generation described in step (2) generates the public-private key pair of the user and the private key of the cloud server, and includes the following steps:

[0066] (2a) The user GID is in the multiplicative cyclic group Randomly choose an integer $x_{GID}$, and set the public key of the user GID according to the integer as Among them, g is the generator of the group G, is from the multiplicative cyclic group Map to the hash function of group G to complete the setting of the user's public key.

[0067] (2b) For each attribute j in the user attribute set S, if j is managed by attribute authority i, then the attribute authority is in the multiplicative cyclic group Select a private key random number $t_j$, use the random number to calculate and obtain the private key component of the cloud server. Th...

Embodiment 3

[0072] The multifunctional fine-grained access control method applicable to cloud storage is the same as that in Embodiments 1-2. Referring to Figure 3, the offline encryption stage described in step (3a) encrypts the data of the data owner locally, which reduces the computing overhead of the client, and includes the following steps:

[0073] (3a1) For any attribute j ∈ [1, U], U represents the attribute space, and the data owner selects the ciphertext random number Precomputing intermediate ciphertext components Among them, $\alpha_{\delta(j)}$ and $y_{\delta(j)}$ indicate the private key of the attribute authority that manages attribute j.

[0074] (3a2) Output the intermediate ciphertext $IC=\{\lambda'_j, w'_j, C_{1,j}, C_{2,j}, C_{3,j}, C_{4,j}\}_{j\in[1,U]}$ to complete offline data encryption.

[0075] The offline encryption mechanism used in the present invention solves the problem of encryption efficiency, and divides the encryption process into an offline encryption stage and an online encryption stage. The data is en...


Abstract

The invention discloses a multifunctional fine-grained access control method for cloud storage, and solves the problem of fine-grained access control of data in cloud storage. The implementation steps of the method are as follows: performing global initialization and attribute authority initialization; generating the public and private keys of a user and a private key of a cloud server; enabling a system to perform offline/online encryption, wherein the system is provided with a policy hiding mechanism; uploading a final ciphertext to the cloud server; enabling the cloud server and a user terminal to decrypt and verify the correctness of the keys; enabling the cloud server to delete the corresponding entry from a key list for user revocation. The invention proposes a multi-system CP-ABE scheme with multiple characteristics, and the offline/online encryption mechanism is constructed in detail, which greatly reduces the computational cost of the user. The method has the functions of attribute revocation, keyless collocation problem, the offline/online encryption mechanism, policy hiding and verifiability, and can be applied to fine-grained access control of data in cloud environments such as education, business and medical fields.

Description

Technical field

[0001] The invention belongs to the technical field of information security, and in particular relates to a fine-grained access control scheme under cloud storage, specifically a multifunctional fine-grained access control method suitable for cloud storage, which can be used for fine-grained access control of data in a cloud environment.

Background technique

[0002] Cloud storage is an extension of the concept of cloud computing and a new type of network storage technology. Due to the characteristics of security, high reliability and low cost of cloud storage, in recent years, more and more users choose to store data in the cloud. Through cloud storage, users can efficiently and conveniently store and share data in the cloud, and sensitive data including personal privacy and other information will also be stored in the cloud. Data owners often want to have access control over their own data. For example, in personal health records, patients usually hope th...


Application Information

IPC(8): H04L29/06, H04L29/08
CPC: H04L63/0428, H04L63/0435, H04L63/10, H04L67/06, H04L67/1097
Inventor: 刘景伟, 武明利, 唐会芳, 孙蓉, 裴庆祺
Owner: 陕西链诚致远科技有限公司