基于门限属性加密的安全分布式云存储模型

doi:10.11772/j.issn.1001-9081.2013.07.1880

计算机应用 ›› 2013, Vol. 33 ›› Issue (07): 1880-1884.DOI: 10.11772/j.issn.1001-9081.2013.07.1880

基于门限属性加密的安全分布式云存储模型

吴胜艳,许力,林昌露

福建师范大学网络安全与密码技术福建省高校重点实验室,福州 350007

收稿日期:2013-01-28 修回日期:2013-03-06 出版日期:2013-07-01 发布日期:2013-07-06
通讯作者: 许力
作者简介:吴胜艳(1986-)，男，江西上饶人，硕士研究生，主要研究方向：密码学、云计算；许力(1970 -)，男，福建福州人，教授，博士生导师，CCF高级会员，主要研究方向：网络与信息安全、无线网络、移动通信；林昌露(1978-)，男，福建三明人，博士，主要研究方向：密码学。
基金资助:
国家自然科学基金资助项目(61072080,61103247);福建省自然科学基金资助项目(2011J05147);福建师范大学青年骨干教师资助项目(fjsdjk2012049);福建省2013年战略性新兴产业技术开发项目（闽发改高技[2013]266号）

Secure and distributed cloud storage model from threshold attribute-based encryption

WU Shengyan,XU Li,LIN Changlu

Key Laboratory of Network Security and Cryptology, Fujian Normal University, Fuzhou Fujian 350007, China

Received:2013-01-28 Revised:2013-03-06 Online:2013-07-06 Published:2013-07-01
Contact: XU Li

摘要/Abstract

摘要： 针对云存储存在越来越多的安全问题，设计了一种新的基于门限属性加密的安全分布式云存储模型。该模型由加密、存储、解密三个阶段组成且均具有分布式特点。利用基于属性加密体制不仅提高数据存储的安全性，而且多属性服务器的模式也使得该模型能支持门限解密功能及任意个属性服务器的加入与撤出问题；在存储阶段使用的分布式删除码可充分保障模型的健壮性，且该模型能抵抗共谋攻击。在一些特有云环境中，该模型可向用户提供较好的安全云存储服务。

关键词: 分布式云存储, 云计算, 门限属性加密, 纠删码

Abstract: Since there are more and more security issues in cloud storage, this paper designed a new secure and distributed cloud storage model based on the threshold Attribute-Based Encryption (ABE). Three phases in the model included: the encryption phase, the data storage phase and the decryption phase, and all messages in these phases were distributed through the whole process. It not only enhanced the security of the storage data by using the ABE but also supported the threshold decryption and allowed to add or remove the arbitrary attribute authorities, with the use of the multi-attribute authorities method in the model. In the data storage phase, this paper used the distributed erasure code to improve the robustness of our model and this model could resist against collusion attack. It can be applied in some special cloud situations and provides secure cloud storage service for users.

Key words: distributed cloud storage, cloud computing, threshold Attribute-Based Encryption (ABE), erasure code

中图分类号:

TP393.08

吴胜艳许力林昌露. 基于门限属性加密的安全分布式云存储模型[J]. 计算机应用, 2013, 33(07): 1880-1884.

WU Shengyan XU Li LIN Changlu. Secure and distributed cloud storage model from threshold attribute-based encryption[J]. Journal of Computer Applications, 2013, 33(07): 1880-1884.

参考文献

［1］LIN H Y, TZENG W G. A secure decentralized erasure code for distributed network storage ［J］. IEEE Transactions on Parallel and Distributed Systems, 2010, 21(11): 1586-1594.

［2］LIN H Y, TZENG W G. A secure erasure code-based cloud storage system with secure data forwarding ［J］. IEEE Transactions on Parallel and Distributed Systems, 2012, 23(6): 995-1003.

［3］SAHAI A, WATERS B. Fuzzy identity-based encryption ［C］// EUROCRYPT2005: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, LNCS 3494, Berlin: Springer-Verlag, 2005: 457-473.

［4］GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data ［C］// Proceedings of the 13th ACM Conference on Computer and Communications Security. New York: ACM Press, 2006: 89-98.

［5］BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy attribute-based encryption ［C］// Proceedings of 2007 IEEE Symposium on Security and Privacy. Washington, DC :IEEE Computer Society, 2007: 321-334.

［6］GE A J, ZHANG R, CHEN C, et al. Threshold ciphertext policy attribute-based encryption with constant size ciphertexts ［C］// Proceedings of the 17th Australasian Conference on Information Security and Privacy. Berlin: Springer-Verlag, 2012: 336-349.

［7］HERRANZ J, LAGUILLAUMIE F, RAFOLS C. Constant size ciphertexts in threshold attribute-based encryption ［C］// PKC2010: Proceedings of the 13th International Conference on Practice and Theory in Public Key Cryptography, LNCS 6056. Berlin: Springer-Verlag, 2010: 19-34.
［8］GOYAL V, JAIN A, PANDEY O, et al. Bounded ciphertext policy attribute-based encryption ［C］// ICALP2008: Proceedings of the 35th International Colloquium on Automata, Languages and Programming, LNCS 5126. Berlin: Springer-Verlag, 2008: 579-591.

［9］WATERS B. Ciphertext-policy attribute-based encryption: an ex-pressive, efficient, and provably secure realization ［C］// Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography Conference on Public Key Cryptography. Berlin: Springer-Verlag, 2011: 53-70.

［10］CHASE M. Multi-authority attribute based encryption ［C］// TCC2007: Proceedings of the 4th Conference on Theory of Cryptography, LNCS 4392. Berlin: Springer-Verlag, 2007: 515-534.

［11］DIMAKIS A G, PRABHAKARAN V, RAMCHANDRAN K. Decentralized erasure codes for distributed networked storage ［J］. IEEE/ACM Transactions on Networking-Special Issue on Networking and Information Theory, 2006, 14(SI): 2809-2816.

［12］SHAMIR A. How to share a secret ［J］. Communications of the ACM, 1979, 22(11): 612-613.

[1]	陈家豪, 殷新春. 基于云雾计算的可追踪可撤销密文策略属性基加密方案[J]. 计算机应用, 2021, 41(6): 1611-1620.
[2]	葛丽娜, 胡雨谷, 张桂芬, 陈园园. 云计算环境基于客体属性匹配的逆向混合访问控制方案[J]. 计算机应用, 2021, 41(6): 1604-1610.
[3]	杨翎, 姜春茂. 基于三支决策的虚拟机节能迁移策略[J]. 计算机应用, 2021, 41(4): 990-998.
[4]	祝永晋, 尹飞, 豆龙龙, 吴昆, 张志伟, 钱柱中. 基于前向纠错的自适应网络传输机制[J]. 计算机应用, 2021, 41(3): 825-832.
[5]	孙晓玲, 杨光, 沈焱萍, 杨秋格, 陈涛. 基于可拆分倒排索引的可搜索加密方案[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3288-3294.
[6]	吕佳玉, 竺智荣, 姚志强. 云计算环境下的双通道数据动态加密策略[J]. 计算机应用, 2020, 40(8): 2268-2273.
[7]	陈程军, 毛莺池, 王绎超. 基于激活-熵的分层迭代剪枝策略的CNN模型压缩[J]. 计算机应用, 2020, 40(5): 1260-1265.
[8]	郭曙杰, 李志华, 蔺凯青. 云环境下基于模糊隶属度的虚拟机放置算法[J]. 计算机应用, 2020, 40(5): 1374-1381.
[9]	许英鑫, 孙磊, 赵建成, 郭松辉. 基于蚁群优化算法的虚拟现场可编程门阵列部署策略[J]. 计算机应用, 2020, 40(3): 747-752.
[10]	王庆永, 毛莺池, 王绎超, 王龙宝. 基于多微云协作的计算任务卸载[J]. 计算机应用, 2020, 40(2): 328-334.
[11]	刘福鑫, 李劲巍, 王熠弘, 李琳. 基于Kubernetes的云原生海量数据存储系统设计与实现[J]. 计算机应用, 2020, 40(2): 547-552.
[12]	杨哂哂, 吴慧珍, 庄黎丽, 吕宏武. 基于Markov过程的IaaS系统可用性建模与分析方法[J]. 计算机应用, 2020, 40(10): 3013-3018.
[13]	张航, 刘善政, 唐聃, 蔡红亮. 分布式存储系统中的低修复成本纠删码[J]. 计算机应用, 2020, 40(10): 2942-2950.
[14]	林立, 熊金波, 肖如良, 林铭炜, 陈秀华. Gaming@Edge:基于边缘节点的低延迟云游戏系统[J]. 计算机应用, 2019, 39(7): 2001-2007.
[15]	徐雅斌, 彭宏恩. 基于需求预测的PaaS平台资源分配方法[J]. 计算机应用, 2019, 39(6): 1583-1588.

基于门限属性加密的安全分布式云存储模型

Secure and distributed cloud storage model from threshold attribute-based encryption

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics