Journal of Computer Applications ›› 2020, Vol. 40 ›› Issue (2): 497-502.DOI: 10.11772/j.issn.1001-9081.2019091634

• CCF Bigdata 2019 • Previous Articles     Next Articles

Multi-user sharing ORAM scheme based on attribute encryption

Wei FU1, Chenyang GU1(), Qiang GAO2   

  1. 1.Department of Information Security,Naval University of Engineering,Wuhan Hubei 430033,China
    2.Command and Support Brigade,Naval Staff,Beijing 100841,China
  • Received:2019-08-20 Revised:2019-09-25 Accepted:2019-10-09 Online:2019-11-25 Published:2020-02-10
  • Contact: Chenyang GU
  • About author:FU Wei, born in 1978, Ph. D., associate professor. His research interests include cloud computing, cloud security, distributed computing, information security.
    GAO Qiang, born in 1982, M. S. His research interests include Cloud computing, cloud security, big data storage.
  • Supported by:
    the National Natural Science Foundation of China(61672531);the Sub-project for Major Logistics Technology Project(AWS14R013)

基于属性加密的多用户共享ORAM方案

付伟1, 顾晨阳1(), 高强2   

  1. 1.海军工程大学 信息安全系,武汉 430033
    2.海军联合参谋部 指挥保障大队,北京 100841
  • 通讯作者: 顾晨阳
  • 作者简介:付伟(1978—),男,湖北武汉人,副教授,博士,CCF会员,主要研究方向:云计算、云安全、分布式计算、信息安全
    高强(1982—),男,北京人,硕士,主要研究方向:云计算、云安全、大数据存储。
  • 基金资助:
    国家自然科学基金资助项目(61672531);总装后勤科技重大项目子课题(AWS14R013)

Abstract:

Oblivious Random Access Machine (ORAM) is one of the key technologies to protect the privacy security of the user access behaviors. However, existing ORAM schemes mainly focus on the single-user access requirements and cannot support data sharing between multiple users. Combined with Ring ORAM scheme and Attribute Based Encryption (ABE) technology, a multi-user sharing ORAM scheme was designed and implemented based on attribute encryption, namely ABE-M-ORAM. Attribute encryption was adopted to achieve the fine-grained access control, which can not only protect user access behavior security, but also realize the convenient data sharing between different users. Theoretical analysis and simulation experiments verify the high security, practicability and good access performance of the proposed scheme.

Key words: cloud storage security, Oblivious Random Access Machine (ORAM), multi-user sharing, attribute encryption, access control

摘要:

不经意随机访问机(ORAM)是保护用户访问行为隐私安全的关键技术之一,但现有ORAM方案主要针对单用户访问需求,不支持多用户之间的数据共享。结合Ring ORAM方案和属性加密(ABE)技术,设计并实现了一种基于属性加密的多用户共享ORAM方案ABE-M-ORAM。该方案利用属性加密实现了细粒度的访问控制,既保护了用户访问行为的安全,又实现了用户之间便捷的数据共享。理论分析和仿真实验证明该方案具有较高的安全性、实用性以及较好的访问性能。

关键词: 云存储安全, 不经意随机访问机, 多用户共享, 属性加密, 访问控制

CLC Number: