个人健康记录云管理系统中支持用户撤销的细粒度访问控制

发布时间：2018-05-01 16:08

  本文选题：云计算 + 个人健康记录　； 参考：《电子与信息学报》2017年05期

【摘要】：随着云计算的发展,越来越多的用户在使用个人健康记录(PHR)云管理系统,由于PHR包含了患者的隐私信息,因此一般在将PHR上传到云平台之前会先对其进行加密。基于比较的加密(CBE)在基于属性的访问策略中实现了时间比较,然而CBE加密时间与访问策略中的属性数目线性增长,从而导致其开销过大;同时,方案难以实时撤销用户的访问权限。该文提出支持用户撤销的细粒度访问控制(FGUR)方案,通过将属性层次引入到CBE中,同时结合广播密文策略的基于属性加密(BCP-ABE),高效地实现PHR云管理系统中的细粒度访问控制及用户实时撤销。实验结果表明,与CBE相比,FGUR方案在加密开销和动态访问权限方面具有更好的性能。
[Abstract]:With the development of cloud computing, more and more users use personal health records (PHR) cloud management system. Because PHR contains patient's privacy information, it usually encrypts PHR before uploading it to cloud platform. Contrastion-based encryption implements time comparison in attribute-based access policies. However, the CBE encryption time increases linearly with the number of attributes in the access policy, which results in excessive overhead. It is difficult for the scheme to revoke the user's access rights in real time. In this paper, a fine-grained access control scheme supporting user revocation is proposed, which introduces attribute hierarchy into CBE. At the same time, the fine-grained access control and real-time revocation of users in PHR cloud management system are realized efficiently by combining the attribute encryption based BCP-ABE with broadcast ciphertext policy. Experimental results show that the proposed scheme has better performance in terms of encryption overhead and dynamic access rights than CBE.
【作者单位】： 湖南大学信息科学与工程学院;中南大学信息科学与工程学院;湖南科技大学计算机科学与工程学院;
【基金】：国家自然科学基金(61632009,61402161) 湖南省科技厅项目(2015JJ3046) 赛尔网络下一代互联网技术创新项目(NGII 20150408)~~
【分类号】：TP393.08
，

本文编号：1830097