北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2023, Vol. 46 ›› Issue (3): 56-61.

• 论文 • 上一篇    下一篇

云链协同的工业互联网数据共享访问控制方法

康海燕1, 张沙沙2   

  1. 1.北京信息科技大学 信息管理学院 2.北京信息科技大学 计算机学院
  • 收稿日期:2022-01-22 修回日期:2022-04-20 出版日期:2023-06-28 发布日期:2023-06-05
  • 通讯作者: 康海燕 E-mail:kanghaiyan@126.com
  • 基金资助:

    国家社会科学基金项目(21BTQ079)

Cloud Storage and Blockchain Collaborative Access Control Method for Industrial Internet Data Sharing

KANG Haiyan1, ZHANG Shasha2   

  • Received:2022-01-22 Revised:2022-04-20 Online:2023-06-28 Published:2023-06-05

摘要: 针对海量数据安全存储与可信共享的问题,提出了云链协同的数据共享访问控制方法。首先,构建基于区块链和云存储的数据共享访问控制方法的系统模型,改进了基于密文策略的属性加密算法,创建了用户-属性的多对多关联策略,实现对数据密文的访问控制,解决云服务器诚实且好奇的问题;然后,提出一种既支持细粒度访问控制又支持对加密数据进行多关键字搜索的有效公钥加密方法,可以实现加密数据的多关键字查询,并且在生成关键字索引时不需要提前定义字典库,可以降低一部分存储开销;最后,在判定性Diffie-Hellman和随机Oracle模型的假设下证明了所提方法是安全的。实验结果表明,所提方法在索引生成和关键字匹配阶段效率较高。

关键词: font-family:宋体, ">云服务器;区块链;可搜索加密;属性加密;访问控制

Abstract:

For the problem of secure storage and credible sharing of massive data, a data sharing access control method of cloud-chain collaboration is proposed. Firstly, the system model based on blockchain and cloud storage is constructed. The attribute encryption algorithm based on ciphertext policy is improved, and the user-attribute many-to-many association policy is established to realize the access control of data ciphertext and solve the problem of honest and curious cloud servers. Then, an effective public key that supports both fine-grained access control and multi-keyword search of encrypted data is proposed. The proposed method is proved to be secure under the assumptions of deterministic Diffie-Hellman and stochastic Oracle models, and the experimental results show that the proposed method is more efficient in the index generation and keyword matching stages.

Key words: Cloud server, block chain, searchable encryption, properties of encryption, access control

中图分类号: