面向雾计算的隐私保护与访问控制方法

doi:10.3969/j.issn.1671-1122.2019.09.009

信息网络安全 ›› 2019, Vol. 19 ›› Issue (9): 41-45.doi: 10.3969/j.issn.1671-1122.2019.09.009

面向雾计算的隐私保护与访问控制方法

汪金苗^1,², 王国威³, 王梅^1,², 朱瑞瑾⁴

1.北京锐安科技有限公司,北京 100192
2.北京市网络空间数据分析与应用工程技术中心,北京 100192
3.北京市公安局,北京 100055
4.中国信息安全测评中心,北京 100085

收稿日期:2019-07-15 出版日期:2019-09-10 发布日期:2020-05-11
作者简介:
作者简介：汪金苗（1987—）,女,山东,博士,主要研究方向为数据安全与访问控制;王国威（1977—）,女,北京,硕士,主要研究方向为信息安全;王梅（1975—）,女,辽宁,本科,主要研究方向为大数据挖掘;朱瑞瑾（1985—）,男,山东,博士,主要研究方向为二进制安全。
基金资助:
国家自然科学基金[61802439]

Achieving Privacy Preserving and Flexible Access Control in Fog Computing

Jinmiao WANG^1,², Guowei WANG³, Mei WANG^1,², Ruijin ZHU⁴

1. Run Technologies Co., Ltd. Beijing, Beijing 100192, China
2. Beijing Cyberspace Data Analysis and Applied Engineering Technology Research Center, Beijing 100192, China
3. Beijing Municipal Bureau of Public Security, Beijing 100055, China
4. China Information Technology Security Evaluation Center, Beijing 100085, China

Received:2019-07-15 Online:2019-09-10 Published:2020-05-11

摘要/Abstract

摘要：

文章在基于属性加密技术的基础上提出了面向雾计算的隐私保护与访问控制方案,并以车联网为例介绍了该方案的具体实现。采用该方案后,雾节点与终端用户之间的交互信息均以密文传递,只有满足访问策略的终端用户或者雾节点才可以解密信息。该方案可赋予数据保护自身的能力,使得数据在不依赖第三方的情况下保证自身机密性并实现灵活的访问控制,从而实现雾计算中的隐私保护与访问控制。

关键词: 隐私保护, 访问控制, 雾计算, 车联网, 基于属性加密

Abstract:

This paper proposes a privacy preserving and access control scheme for fog computing based on attribute-based encryption, and take the Internet of vehicles as an instance to illustrate the implementation framework of the scheme. By deploying the proposed scheme, the data transmitted between fog node and end user is in ciphertext, and only the authorized users or fog nodes can decrypt successfully. The proposed scheme gives data the ability to ensure its security entirely relying on itself, without depending on other third parties, which achieves privacy preserving and flexible access control in fog computing.

Key words: privacy preserving, access control, fog computing, Internet of vehicles, attribute-based encryption

中图分类号:

TP309

汪金苗, 王国威, 王梅, 朱瑞瑾. 面向雾计算的隐私保护与访问控制方法[J]. 信息网络安全, 2019, 19(9): 41-45.

Jinmiao WANG, Guowei WANG, Mei WANG, Ruijin ZHU. Achieving Privacy Preserving and Flexible Access Control in Fog Computing[J]. Netinfo Security, 2019, 19(9): 41-45.

图/表 1

参考文献 16

[1]	WANG Yifang, UEHARA T, SASAKI R.Fog Computing: Issues and Challenges in Security and Forensics[C]//IEEE. IEEE Computer Software and Applications Conference, July 1-5, 2015, Taiwan, China. New Jersey: IEEE, 2015: 53-59.
[2]	YI Shanhe, QIN Zhengrui, LI Qun.Security and Privacy Issues of Fog Computing: A Survey[C]//Springer. Wireless Algorithms Systems and Applications, August 10-12, 2015, Qufu, China. Heidelberg: Springer, 2015: 685-695.
[3]	ALLIANCE C. Security Guidance for Critical Areas of Focus in Cloud Computing v3.0[EB/OL]. , 2019-1-22.
[4]	SAHAI A, WATERS B.Fuzzy Identity-based Encryption[C]//Springer. Advances in Cryptology-EUROCRYPT 2005, May 22-26, 2005, California, USA. Heidelberg: Springer, 2005: 457-473.
[5]	GOYAL V, PANDEY O, SAHAI A, et al.Attribute-based Encryption for Fine-grained Access Control of Encrypted Data[C]//ACM. ACM Conference on Computer and Communications Security, October 30-November 3, 2006, Alexandria, Virginia, USA. New York: ACM, 2006: 89-98.
[6]	BETHENCOURT J, SAHAI A, WATERS B.Ciphertext-policy Attribute-based Encryption[C]//IEEE. IEEE Symposium on Security and Privacy, May 20-23, 2007, Berkeley, USA. New Jersey: IEEE, 2007: 321-334.
[7]	YI Shanhe, LI Cheng, LI Qun.A Survey of Fog Computing: Concepts, Applications and Issues[C]//ACM. ACM Workshop on Mobile Big Data, June 21, 2015, Hangzhou, China. New York: ACM, 2015: 37-42.
[8]	KANNA T R, NAGARAJU M, BHASKAR C V.Secure Fog Computing: Providing Data Security[J]. International Journal of Research in Computer and Communication Technology, 2015, 4(1): 53-55.
[9]	YU Shucheng, WANG C, REN Kui, et al.Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing[C]//IEEE. 29th Conference on Information Communications, March 14-19, 2010, San Diego, California, USA. New Jersey: IEEE, 2010: 1-9.
[10]	LANG Bo, WANG Jinmiao, LIU Yanxi. AchievingFlexible and Self-Contained Data Protection in Cloud Computing[EB/OL]. , 2017-3-13.
[11]	LANG Bo, XU Runhua, DUAN Yawei.Extending the Ciphertext-policy Attribute Based Encryption Scheme for Supporting Flexible Access Control[C]//IEEE. 10th International Conference on Security and Cryptography, July 29-31, 2013, Reykjavik, Iceland. New Jersey: IEEE, 2013: 147-157.
[12]	YU Zuoxia, AU M H, XU Qiuliang, et al. Towards Leakage-resilient Fine-grained Access Control in Fog Computing[EB/OL]. , 2019-2-11.
[13]	DSOUZA C, AHN G J, TAGUINOD M.Policy-driven Security Management for Fog Computing: Preliminary Framework and a Case Study[C]//IEEE. IEEE International Conference on Information Reuse and Integration, August 13-15, 2014, Redwood City, CA. New Jersey: IEEE, 2014: 16-23.
[14]	LU Rongxing, LIANG Xiaohui, LI Xu, et al.EPPA: An Efficient and Privacy-preserving Aggregation Scheme for Secure Smart Grid Communications[J]. IEEE Transactions On Parallel and Distributed Systems, 2012, 23(9): 1621-1631.
[15]	CAO Zhenhai, LANG Bo, WANG Jinmiao.An Efficient and Fine-grained Access Control Scheme for Multidimensional Data Aggregation in Smart Grid[C]//IEEE. IEEE International Conference on Trust, Security and Privacy in Computing and Communications, August 23-26, 2016, Tianjin, China. New Jersey: IEEE, 2016: 362-369.
[16]	LIU Jianhua, ZHENG Xiaokun, ZHENG Dong, et al.Secure Attribute Based Encryption Enabled Cloud Storage System with Ciphertext Search[J]. Netinfo Security, 2019, 19(7): 50-58.
	刘建华,郑晓坤,郑东,等.基于属性加密且支持密文检索的安全云存储系统[J].信息网络安全,2019,19(7):50-58.

面向雾计算的隐私保护与访问控制方法

Achieving Privacy Preserving and Flexible Access Control in Fog Computing

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 16

相关文章 15

编辑推荐

Metrics

本文评价

[1]	杜义峰, 郭渊博. 一种基于信任值的雾计算动态访问控制方法[J]. 信息网络安全, 2020, 20(4): 65-72.
[2]	刘鹏, 何倩, 刘汪洋, 程序. 支持撤销属性和外包解密的CP-ABE方案[J]. 信息网络安全, 2020, 20(3): 90-97.
[3]	喻露, 罗森林. RBAC模式下数据库内部入侵检测方法研究[J]. 信息网络安全, 2020, 20(2): 83-90.
[4]	唐春明, 林旭慧. 隐私保护集合交集计算协议[J]. 信息网络安全, 2020, 20(1): 9-15.
[5]	许盛伟, 王飞杰. 多机构授权下可追踪可隐藏的属性基加密方案[J]. 信息网络安全, 2020, 20(1): 33-39.
[6]	王生玉, 汪金苗, 董清风, 朱瑞瑾. 基于属性加密技术研究综述[J]. 信息网络安全, 2019, 19(9): 76-80.
[7]	郝文江, 林云. 互联网企业社会责任现状与启示研究[J]. 信息网络安全, 2019, 19(9): 130-133.
[8]	叶阿勇, 金俊林, 孟玲玉, 赵子文. 面向移动终端隐私保护的访问控制研究[J]. 信息网络安全, 2019, 19(8): 51-60.
[9]	吴志红, 赵建宁, 朱元, 陆科. 国密算法和国际密码算法在车载单片机上应用的对比研究[J]. 信息网络安全, 2019, 19(8): 68-75.
[10]	周权, 许舒美, 杨宁滨. 一种基于ABGS的智能电网隐私保护方案[J]. 信息网络安全, 2019, 19(7): 25-30.
[11]	秦中元, 韩尹, 张群芳, 朱雪金. 一种改进的多私钥生成中心云存储访问控制方案[J]. 信息网络安全, 2019, 19(6): 11-18.
[12]	李怡霖, 闫峥, 谢皓萌. 车载自组织网络的隐私保护综述[J]. 信息网络安全, 2019, 19(4): 63-72.
[13]	傅彦铭, 李振铎. 基于拉普拉斯机制的差分隐私保护k-means++聚类算法研究[J]. 信息网络安全, 2019, 19(2): 43-52.
[14]	赵志岩, 吴剑, 康凯. 一种兼顾业务数据安全的隐私保护世系发布方法[J]. 信息网络安全, 2019, 19(12): 29-37.
[15]	蔡方博, 何泾沙, 朱娜斐, 韩松. 分布式访问控制模型中节点级联失效研究[J]. 信息网络安全, 2019, 19(12): 47-52.