一种基于节点映射关系的云数据安全代理访问机制
发布时间:2018-09-17 16:07
【摘要】:随着移动终端多媒体技术的发展,用户逐渐将本地数据通过各种网络备份到云存储服务器上.云平台在提供廉价便捷的数据存储服务的同时也存在数据安全防护问题,尤其是密文数据访问控制完全依赖于云服务商.为了防止数据被非授权用户和半可信云存储提供商的非法访问,提出一种基于节点映射关系的CP-ABE属性加密算法,即通过属性管理降低权限管理的复杂度.在密文访问控制机制中引入密钥授权中心和安全代理实现存储服务与安全服务异地存储,保证在开放环境下云存储系统中数据的安全性.实验结果表明,这种属性管理机制在少量的系统开销下实现了数据存储与密钥存储的分离,具有较高的应用价值.
[Abstract]:With the development of multimedia technology of mobile terminal, users backup local data to cloud storage server through various networks. The cloud platform not only provides cheap and convenient data storage service, but also has the problem of data security protection, especially the ciphertext data access control completely depends on the cloud service provider. In order to prevent unauthorized access to data by unauthorized users and semi-trusted cloud storage providers, a CP-ABE attribute encryption algorithm based on node mapping relationship is proposed, which reduces the complexity of privilege management through attribute management. In the ciphertext access control mechanism, key authorization center and security agent are introduced to realize storage service and security service storage in different places, so as to ensure the security of data in cloud storage system in open environment. The experimental results show that this property management mechanism can separate the data storage from the key storage under a small system overhead and has high application value.
【作者单位】: 南京邮电大学计算机学院软件学院;江苏省大数据安全与智能处理重点实验室;
【基金】:国家自然科学基金(61502247,11501302,61502243,91646116) 国家博士后科学基金(2016M600434) 江苏省自然科学基金(BK20140895,BK20150862) 江苏省博士后科研资助计划(1601128B)资助
【分类号】:TP309;TP333
,
本文编号:2246437
[Abstract]:With the development of multimedia technology of mobile terminal, users backup local data to cloud storage server through various networks. The cloud platform not only provides cheap and convenient data storage service, but also has the problem of data security protection, especially the ciphertext data access control completely depends on the cloud service provider. In order to prevent unauthorized access to data by unauthorized users and semi-trusted cloud storage providers, a CP-ABE attribute encryption algorithm based on node mapping relationship is proposed, which reduces the complexity of privilege management through attribute management. In the ciphertext access control mechanism, key authorization center and security agent are introduced to realize storage service and security service storage in different places, so as to ensure the security of data in cloud storage system in open environment. The experimental results show that this property management mechanism can separate the data storage from the key storage under a small system overhead and has high application value.
【作者单位】: 南京邮电大学计算机学院软件学院;江苏省大数据安全与智能处理重点实验室;
【基金】:国家自然科学基金(61502247,11501302,61502243,91646116) 国家博士后科学基金(2016M600434) 江苏省自然科学基金(BK20140895,BK20150862) 江苏省博士后科研资助计划(1601128B)资助
【分类号】:TP309;TP333
,
本文编号:2246437
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2246437.html
