摘要
云存储作为一种新兴的数据存储和云计算管理系统,得到了社会越来越多的关注。在云存储应用过程中,已经暴露出许多安全性问题,从而制约了云存储的进一步发展。针对云存储安全问题,文章提出了一种基于密文策略属性加密的安全、高效、细粒度的密文访问控制方案。文章首先对CP-ABE算法原理进行介绍,并在此基础上提出了改进算法,通过减少密钥计算量降低系统开销,提高运算效率。其次,建立密钥管理中心、用户和云存储服务器三方实体,同时对系统初始化、私钥申请、文件上传及文件下载流程进行描述。方案中数据属主利用私钥对文件摘要进行签名实现数据认证,避免了验证PKI公钥证书过程,提升认证效率;采用收敛加密技术实现密文数据冗余检测,提升存储空间利用率。最后,文章针对新方案的安全性进行理论分析,并通过仿真实验测试运行效率。实验证明,与一般方法相比,在用户属性和用户个数增长的条件下,新方案消耗的生成私钥时间最短且占有最小的存储空间。
Cloud storage obtains more and more social concerns as a new data storage management system. Cloud storage exposes many safety problems during using process. This paper puts forward a safety, efficient and fine-grained ciphertext access control scheme based on CP-ABE. Firstly, this paper introduces CP-ABE algorithm theory and improves CP-ABE in order to reduce the amount of key calculation and enhanced operation speed. Then this paper establishes models of key management center, users and cloud servicer, and describes systems initialization, key application, upload and download procedure of the files. Data owner uses key to signature file summary to complete data authentication and avoid authenticate PKI license. This paper uses convergent encryption to complete ciphertext redundancy test and improve storage space utilization ratio. At last, this paper analyses the scheme security and tests operation efficiency by simulated experiment. Compared to general methods, the new scheme consumes less time and storage space in case of user attributes and amount in growth. Experiment result shows the scheme has certain advantages in the case of massive users.
出处
《信息网络安全》
2016年第2期1-6,共6页
Netinfo Security
基金
湖北省自然科学基金[2015CFA066]