User privacy-preserving cloud storage scheme on CP-ABE

CAO Laicheng, LIU Yufei, DONG Xiaoye, GUO Xian

Journal of Tsinghua University (Science and Technology), 2018, Vol. 58, Issue 2: 150-156. DOI: 10.16511/j.cnki.qhdxxb.2018.26.006
Computer Science and Technology

User privacy-preserving cloud storage scheme on CP-ABE

  • CAO Laicheng1, LIU Yufei1, DONG Xiaoye2, GUO Xian1

Abstract

A user privacy-preserving cloud storage (UPCS) scheme based on ciphertext-policy attribute-based encryption (CP-ABE) is proposed to protect the privacy of user data in cloud storage environments. First, the data owner sets different access-right attributes for different files. Second, a trusted third party uses the CP-ABE scheme to embed the access attributes into the ciphertext, so that a ciphertext can be decrypted only when the user's attributes satisfy the access attributes of that ciphertext. Finally, to reduce the computation time of the data owner and users, some operations in the index generation and file decryption phases are delegated to a distributed proxy server. The results show that the scheme effectively guarantees the privacy of user data and keywords and reduces the computation time of the data owner and users.

Key words

searchable encryption / distributed proxy server / attribute based encryption / privacy-preserving / cloud storage

Cite this article

CAO Laicheng, LIU Yufei, DONG Xiaoye, GUO Xian. User privacy-preserving cloud storage scheme on CP-ABE[J]. Journal of Tsinghua University(Science and Technology). 2018, 58(2): 150-156 https://doi.org/10.16511/j.cnki.qhdxxb.2018.26.006
Chinese Library Classification number: TP309.2

