
Provably secure authentication protocol based on convertible proxy signcryption in cloud computing (cited by: 9)
Abstract: Mutual authentication between a cloud user and the public cloud is an essential prerequisite for the user to access the public cloud in cloud computing. In 2011, Juang et al. proposed the first authentication protocol for cloud computing based on proxy signatures. Its advantage is that the user only needs to register with his home service cloud (HSC, the user's private cloud) and can then pass the public cloud's authentication with the help of the HSC. However, the scheme has three weaknesses: 1) to protect the user's privacy, the user's public key must be updated in every session; 2) the HSC may suffer network congestion when many of its users log in to different public clouds simultaneously; and 3) a secret must be shared in advance between the user's HSC and the visited public cloud. To overcome these weaknesses, a provably secure, privacy-preserving convertible proxy signcryption scheme is proposed, and a one-round cloud authentication protocol is designed on top of it. With the new scheme, once the user has registered with his HSC he can pass the visited cloud's authentication without the HSC's help, and the protocol also provides user privacy protection and non-repudiation. The protocol does not require the user's public key to be updated before each session, and the HSC and the visited public cloud no longer need to pre-share a secret. The security of the new protocol is proved in the random oracle model, and a comparison shows that it is more efficient than the protocol of Juang et al.
Source: Scientia Sinica (Informationis), CSCD, 2012, Issue 3, pp. 303-313 (11 pages)
Funding: Supported by the National Natural Science Foundation of China (Grant No. 61070153)
Keywords: cloud computing; authentication protocol; convertibility; proxy signature; signcryption; provably secure