摘要
相对于传统的群签名技术,属性认证方案可以更好地解决云资源的细粒度准入控制和用户隐私保护问题。然而,在多数的已有方案中,用户需要在认证阶段执行大量的在线运算。而且,已有方案并未考虑云服务提供商对访问控制策略中的属性值进行隐藏的问题。在Yang等方案基础上提出改进的属性认证方案,新方案可以更好地保护诚实用户的隐私,支持对访问控制策略的部分隐藏,而且用户在认证阶段的运算效率更高。
Compared with traditional group signatures,attribute-based authentication schemes can better solve the problems of finegrained access control on cloud resources and the protection of user privacy.However,in most existing schemes,users need to perform a large amount of online computation during the authentication phase.Furthermore,the existing solutions do not address the issue of allowing cloud service providers to hide attribute values in access control policies.Based on Yang et al.’s attribute-based authentication scheme,an improved scheme was proposed.The new scheme provides stronger privacy protection for honest users and supports hidden access structures.In addition,users’computing burden is alleviated during the authentication phase.
作者
崔荣涛
柳欣
宁文龙
韩芳
朱德宝
CUI Rong-tao;LIU Xin;NING Wen-long;HAN Fang;ZHU De-bao(School of Information Engineering,Shandong Youth University of Political Science,Jinan 250013,China;Key Laboratory of Information Security and Intelligent Control in Universities of Shandong(Shandong Youth University of Political Science),Jinan 250013,China)
出处
《电脑知识与技术》
2021年第13期6-8,共3页
Computer Knowledge and Technology
基金
山东省高等学校科学技术计划项目(J17KA081)
山东省高等教育本科教改项目(M2018X245)资助。
关键词
云计算安全
隐私保护
属性认证
访问控制策略
cloud computing security
privacy-preserving
attribute-based authentication
access control policy
