Cryptographic access control scheme for cloud storage based on proxy re-encryption

doi:10.11772/j.issn.1001-9081.2014.03.0724

Journal of Computer Applications ›› 2014, Vol. 34 ›› Issue (3): 724-727.DOI: 10.11772/j.issn.1001-9081.2014.03.0724

Previous Articles Next Articles

Cryptographic access control scheme for cloud storage based on proxy re-encryption

LAN G Xun,WEI Lixian,WANG Xuan,WU Xuguang

Key Laboratory of Network and Information Security of Armed Police Force, Engineering University of Armed Police Force, Xi'an Shaanxi 710086, China

Received:2013-09-05 Revised:2013-11-09 Online:2014-03-01 Published:2014-04-01
Contact: LAN G Xun

基于代理重加密的云存储密文访问控制方案

郎讯,魏立线,王绪安,吴旭光

武警工程大学网络与信息安全武警部队重点实验室，西安710086

通讯作者: 郎讯
作者简介:郎讯(1990-)，男，贵州湄潭人，硕士研究生，主要研究方向：密码学、信息安全；魏立线(1966-)，男，陕西户县人，教授，硕士，主要研究方向：信息安全；王绪安(1981-)，男，湖北公安人，副教授，硕士，主要研究方向：密码学、信息安全；吴旭光(1986-)，男，河南商丘人，硕士，主要研究方向：密码学、信息安全。
基金资助:
国家自然科学基金资助项目

Abstract

Abstract:

Concerning the data's confidentiality when being stored in the untrusted cloud storage, a new encryption algorithm based on the Proxy Re-Encryption (PRE) was proposed, and applied in the access control scheme for the cloud storage. The scheme had partial ciphertexts stored in the cloud storage for sharing, and the others sent to users directly. It was proven that the scheme can ensure the confidentiality of the sensitive data stored in the cloud storage under the third untrusted open environment. By contrast, the experimental results show the transmission of ciphertexts can be controlled by the sender. The scheme used the properties of the proxy re-encryption. The number of ciphertexts' operation and storage did not increase linearly with the increase of the users. It decreased the data computation cost, interactive cost, and the space of the data storage effectively. The scheme achieves sharing securely and efficiently when the sensitive data is stored in the cloud.

Key words: cloud storage security, Public Key Cryptography(PKC), Proxy Re-encryption(PRE), data confidentiality, access control

摘要：

针对在不可信的云存储中,数据的机密性得不到保证的情况，提出一种新的代理重加密(PRE)算法，并将其应用于云存储访问控制方案中，该方案将一部分密文存储云中共享，另一部分密文直接发送给用户。证明了该访问控制方案在第三方的不可信任的开放环境下云存储中敏感数据的机密性。通过分析对比，结果表明：发送方对密文的传递可控，该方案利用代理重加密的性质，在一对多的云存储访问控制方案中，密文运算量和存储不会随着用户的增长而呈线性增长，显著降低了通信过程中数据运算量和交互量，有效减少数据的存储空间。该方案实现了云存储中敏感数据的安全高效共享。

关键词: 云存储安全, 公钥密码, 代理重加密, 数据机密性, 访问控制

CLC Number:

TP309.2

LAN G Xun WEI Lixian WANG Xuan WU Xuguang. Cryptographic access control scheme for cloud storage based on proxy re-encryption[J]. Journal of Computer Applications, 2014, 34(3): 724-727.

郎讯魏立线王绪安吴旭光. 基于代理重加密的云存储密文访问控制方案[J]. 计算机应用, 2014, 34(3): 724-727.

[1]	GE Jihong, SHEN Tao. Energy data access control method based on blockchain [J]. Journal of Computer Applications, 2021, 41(9): 2615-2622.
[2]	GE Lina, HU Yugu, ZHANG Guifen, CHEN Yuanyuan. Reverse hybrid access control scheme based on object attribute matching in cloud computing environment [J]. Journal of Computer Applications, 2021, 41(6): 1604-1610.
[3]	DU Xinyu, WANG Huaqun. Dynamic group based effective identity authentication and key agreement scheme in LTE-A networks [J]. Journal of Computer Applications, 2021, 41(6): 1715-1722.
[4]	BAO Yulong, ZHU Xueyang, ZHANG Wenhui, SUN Pengfei, ZHAO Yingqi. Formal verification of smart contract for access control in IoT applications [J]. Journal of Computer Applications, 2021, 41(4): 930-938.
[5]	Li LI, Hongfei YANG, Xiuze DONG. Hierarchical file access control scheme with identity-based multi-conditional proxy re-encryption [J]. Journal of Computer Applications, 2021, 41(11): 3251-3256.
[6]	WANG Haiyong, PAN Qiqing, GUO Kaixuan. Access control model based on blockchain and user credit [J]. Journal of Computer Applications, 2020, 40(6): 1674-1679.
[7]	SHI Jinshan, LI Ru, SONG Tingting. Blockchain-based access control framework for Internet of things [J]. Journal of Computer Applications, 2020, 40(4): 931-941.
[8]	FU Wei, GU Chenyang, GAO Qiang. Multi-user sharing ORAM scheme based on attribute encryption [J]. Journal of Computer Applications, 2020, 40(2): 497-502.
[9]	WANG Haiyong, PENG Yao, GUO Kaixuan. CP-ABE access control scheme based on proxy re-encryption in cloud storage [J]. Journal of Computer Applications, 2019, 39(9): 2611-2616.
[10]	GAO Shijuan, WANG Xijun, ZHU Qingchao. Design of optimization algorithm for selfish misbehavior in medium access control protocol of mobile Ad Hoc network [J]. Journal of Computer Applications, 2019, 39(6): 1786-1791.
[11]	WANG Yaqiong, SHI Guozhen, XIE Rongna, LI Fenghua, WANG Yazhe. Multi-authority access control scheme with policy hiding of satellite network [J]. Journal of Computer Applications, 2019, 39(2): 470-475.
[12]	LUO Xiaofeng, YANG Xingchun, HU Yong. Improved decision diagram for attribute-based access control policy evaluation and management [J]. Journal of Computer Applications, 2019, 39(12): 3569-3574.
[13]	CAO Zhenhuan, CAI Xiaohai, GU Menghe, GU Xiaozhuo, LI Xiaowei. Android permission management and control scheme based on access control list mechanism [J]. Journal of Computer Applications, 2019, 39(11): 3316-3322.
[14]	GAO Shijuan, TAN Tongde, ZHU Qingchao. Cognitive medium access control protocol optimization design for distributed multi-hop network using single transceiver [J]. Journal of Computer Applications, 2018, 38(9): 2616-2620.
[15]	YANG Hongyu, NING Yuguang. Adaptive weight allocation method of risk assessment index for access control of cloud platform [J]. Journal of Computer Applications, 2018, 38(6): 1614-1619.

Cryptographic access control scheme for cloud storage based on proxy re-encryption

基于代理重加密的云存储密文访问控制方案

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics