Access control system and method supporting cross-domain data sharing and wireless communication system

Abstract

The invention belongs to the technical field of wireless communication networks, and discloses an access control system and method supporting cross-domain data sharing, and a wireless communication system. Users needing to share data in a domain A select elliptic curve parameters to generate ECC key pairs; a global authentication center CA of the domain B generates a global public parameter; the proxy node in the domain B encrypts the system public key and the attribute set by using the ECC public key of the domain A user; the domain A user decrypts the data from the domain B by using the ECCprivate key of the domain A user and uploads the data to the public cloud; the legal user sends a file access request to the public cloud; and when user revocation occurs, the proxy server searches acorresponding attribute private key list according to the global identifier of the user and deletes the attribute private key list. The method is high in safety under the condition of the same secretkey length. The method gives full play to the characteristic of strong computing power of agent nodes, completes the preprocessing of some data, helps a user to carry out partial decryption, and improves the decryption efficiency of the user.

Description

technical field [0001] The invention belongs to the technical field of wireless communication networks, and in particular relates to an access control system and method supporting cross-domain data sharing, and a wireless communication system. Background technique [0002] For the security and unified management of network resources, computer networks are always divided into many independent autonomous management domains. In different domains, users and resources are managed using different policies. For example, all governments, banks, and social networks have their own management and service systems, which are called a management domain. With the rapid development of information technology, users' demand for data sharing is gradually increasing. Data sharing in a single domain can no longer meet the needs of users, and the data needed by a certain user may be in another management domain. For example, a WeChat user wants to share data with QQ users, and at the same time...

AI Technical Summary

Problems solved by technology

[0005] However, the existing solutions still have not completely solved how to use attribute-based encryption to realize cross-domain data sharing and access control; (1) different management strategies are used between different domains, that is, the same identity is identified differently between different domains, How to complete identity authentication between different domains is a technical problem

(2) On the premise of realizing cross-domain data sharing, how to realize one-to-many data sharing and how to share data to a specific group is a technical problem

(3) In attribute-based encryption, different users may share attribute private keys and decrypt ciphertexts in the form of collusion. How to resist collusion attacks is a technical problem

(4) Using attribute-based encryption, due to the use of bilinear pairings, the user's decryption efficiency is low. How to improve the user's decryption efficiency is a difficult problem

[0007] (1) The existing solution uses different management strategies between different domains, that is, the same identity is marked differently between different domains, resulting in difficulties in cross-domain authentication

[0008] (2) On the premise of achieving cross-domain data sharing, the existing solutions cannot realize one-to-many and data sharing for specific groups

[0009] (3) In the existing scheme of attribute-based encryption, different users may share the attribute private key, so that unauthorized users can also decrypt the ciphertext by means of collusion

[0010] (4) The existing scheme uses attribute-based encryption, and due to the use of bilinear pairing, the user's decryption efficiency is low

[0011] Difficulty in solving the above technical problems: (1) The technical bottleneck of cross-domain data sharing mainly lies in the identity authentication between different domains, which is an important reason for the difficulty in implementing cross-domain sharing technology

(2) How to perform one-to-many sharing of cross-domain data and how to control data access are also important reasons why cross-domain sharing cannot be used flexibly

(3) Due to the use of bilinear pairing, attribute-based encryption leads to extremely low user decryption efficiency, which is an important reason for its difficulty in practical application

Images