信息网络安全 ›› 2021, Vol. 21 ›› Issue (3): 7-8.doi: 10.3969/j.issn.1671-1122.2021.03.002

• 技术研究 • 上一篇    下一篇

属性基加密和区块链结合的可信数据访问控制方案

芦效峰(), 付淞兵   

  1. 北京邮电大学网络空间安全学院,北京 100876
  • 收稿日期:2021-01-06 出版日期:2021-03-10 发布日期:2021-03-16
  • 通讯作者: 芦效峰 E-mail:luxf@bupt.edu.cn
  • 作者简介:芦效峰(1976—),男,山西,副教授,博士,主要研究方向为人工智能、物联网安全、区块链|付淞兵(1996—),男,江西,硕士研究生,主要研究方向为区块链、隐私保护
  • 基金资助:
    国家自然科学基金(61472046)

A Trusted Data Access Control Scheme Combining Attribute-based Encryption and Blockchain

LU Xiaofeng(), FU Songbing   

  1. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China
  • Received:2021-01-06 Online:2021-03-10 Published:2021-03-16
  • Contact: LU Xiaofeng E-mail:luxf@bupt.edu.cn

摘要:

传统的数据存储方式往往采用集中式架构,这种集中式存储架构容易产生信任和安全问题。文章提出一种属性基加密和区块链结合的可信数据访问控制方案,将对称加密算法和属性基加密算法结合,实现了数据所有者对数据的细粒度访问控制,保障了数据所有者的隐私保护权利。同时,文章将区块链技术和分布式存储相结合,区块链上仅存储数据及密文位置的哈希值和访问控制策略等信息,解决了区块链系统的存储瓶颈。实验表明,该方案能有效保护数据所有者的安全和隐私,实现数据的安全共享。

关键词: 数据共享, 区块链, 访问控制, 属性基加密, 分布式存储

Abstract:

The traditional way of data storage often adopts centralized architecture, which is prone to trust and security problems. This paper proposes a data access control scheme combining attribute-based encryption and blockchain, which combines symmetric encryption algorithm and attribute-based encryption algorithm to realize the fine-grained access control of data owners and protect the privacy protection rights of data owners. At the same time, this paper combines the blockchain technology with distributed storage, and only stores the hash value of the data and the hash value of the ciphertext location, access control policy and other information on the blockchain, which solves the storage bottleneck of blockchain system. Experiments show that the scheme can effectively protect the security and privacy of data owners, and realize the secure sharing of data.

Key words: data sharing, blockchain, access control, attribute-based encryption, distributed storage

中图分类号: