
Attribute-Based Ciphertext Access Control Scheme for PHR Cloud Storage

王淑娥, 林柏钢, 杨旸, 李应

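  • Funding:
    National Natural Science Foundation of China [61075022]; Key Funded Project of the Fujian Provincial Department of Science and Technology (2012H0025)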

Attribute-based Cipher-text Access Control Scheme Used in Cloud Storage of PHR

WANG Shu-e, LIN Bo-gang, YANG Yang, LI Ying

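  • About author: College of Mathematics and Computer Science, Fuzhou University, Fuzhou, Fujian 350108; Fujian Provincial University Key Laboratory of Network System Information Security, Fuzhou, Fujian 350108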

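Abstract: To meet the security requirements of outsourcing personal health records in a cloud environment, this paper proposes an attribute-based ciphertext access control scheme for cloud storage of personal health records. Building on ciphertext-policy attribute-based encryption and symmetric encryption algorithms (such as AES), and given that personal health record data services have hierarchical users, the scheme combines a hierarchical access control mechanism with users' access purposes to optimize the access structure of ciphertext-policy attribute-based encryption, making the access control policy and the key management process more concise. It also combines proxy re-encryption with lazy re-encryption so that the cloud service provider carries out privilege revocation, reducing the computational load on the data owner.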

Abstract: This paper proposes an attribute-based cryptographic access control scheme for cloud storage of personal health records (PHR). The Data Owner (DO) encrypts the original data with a symmetric cryptosystem (such as AES), and the symmetric key is encrypted with ciphertext-policy attribute-based encryption (CP-ABE). Because the PHR data service has hierarchical users, the purpose of access to the PHR and a hierarchical access control mechanism are combined to construct a simple and efficient CP-ABE access tree, which also simplifies the key management procedure. By using proxy re-encryption and lazy re-encryption, privileges are revoked by the cloud service provider, which largely reduces the computation tasks of the DO.