属性基加密和区块链结合的可信数据访问控制方案

doi:10.3969/j.issn.1671-1122.2021.03.002

摘要/Abstract

摘要：

传统的数据存储方式往往采用集中式架构,这种集中式存储架构容易产生信任和安全问题。文章提出一种属性基加密和区块链结合的可信数据访问控制方案,将对称加密算法和属性基加密算法结合,实现了数据所有者对数据的细粒度访问控制,保障了数据所有者的隐私保护权利。同时,文章将区块链技术和分布式存储相结合,区块链上仅存储数据及密文位置的哈希值和访问控制策略等信息,解决了区块链系统的存储瓶颈。实验表明,该方案能有效保护数据所有者的安全和隐私,实现数据的安全共享。

关键词: 数据共享, 区块链, 访问控制, 属性基加密, 分布式存储

Abstract:

The traditional way of data storage often adopts centralized architecture, which is prone to trust and security problems. This paper proposes a data access control scheme combining attribute-based encryption and blockchain, which combines symmetric encryption algorithm and attribute-based encryption algorithm to realize the fine-grained access control of data owners and protect the privacy protection rights of data owners. At the same time, this paper combines the blockchain technology with distributed storage, and only stores the hash value of the data and the hash value of the ciphertext location, access control policy and other information on the blockchain, which solves the storage bottleneck of blockchain system. Experiments show that the scheme can effectively protect the security and privacy of data owners, and realize the secure sharing of data.

Key words: data sharing, blockchain, access control, attribute-based encryption, distributed storage

中图分类号:

TP309

芦效峰, 付淞兵. 属性基加密和区块链结合的可信数据访问控制方案[J]. 信息网络安全, 2021, 21(3): 7-8.

LU Xiaofeng, FU Songbing. A Trusted Data Access Control Scheme Combining Attribute-based Encryption and Blockchain[J]. Netinfo Security, 2021, 21(3): 7-8.

图/表 12

图1

图2

图3

图4

表1

表2

图5

图6

表3

表4

图7

表5

参考文献 15

[1]	WANG Zuan, TIAN Youliang, ZHU Jianming. Data Sharing and Tracing Scheme Based on Blockchain [C]//IEEE. 2018 8th International Conference on Logistics, Informatics and Service Sciences (LISS), August 3-6, 2018, Toronto, ON, Canada. New York: IEEE, 2018: 1-6.
[2]	LIU Fangfei, GE Qian, YAROM Y, et al. Catalyst: Defeating Last-level Cache Side Channel Attacks in Cloud Computing [C]//IEEE. IEEE International Symposium on High Performance Computer Architecture (HPCA), April 4, 2016, Barcelona spain. New York: IEEE, 2016: 406-418.
[3]	SHAO Qifeng, JIN Cheqing, ZHANG Zhao, et al. Blockchain Technology: Architecture and Progress[J]. Journal of Computing, 2018,41(5):969-988.
	邵奇峰, 金澈清, 张召, 等. 区块链技术:架构及进展[J]. 计算机学报, 2018,41(5):969-988.
[4]	GE Chunpeng, LIU Zhe, FANG Liming. A Blockchain Based Decentralized Data Security Mechanism for the Internet of Things[J]. Journal of Parallel and Distributed Computing, 2020,141(5):1-9.
[5]	ZHANG Guochao, WANG Ruijin. Blockchain Sharding Storage Model Based on Threshold Secret Sharing[J]. Computer Applications, 2019,39(9):2617-2622.
	张国潮, 王瑞锦. 基于门限秘密共享的区块链分片存储模型[J]. 计算机应用, 2019,39(9):2617-2622.
[6]	SAHAI A, WATERS B. Fuzzy Identity-based Encryption [C]//Springer-Verlag. Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques, May 22-26, 2005, Aarhus, Denmark. Berlin: Springer-Verlag, 2005: 457-473.
[7]	LI Hongyu, ZHU Liehuang, Shen Meng, et al. Blockchain-based Data Preservation System for Medical Data[EB/OL]. https://www.onacademic.com/detail/journal_1000040406193710_05ee.html, 2020-10-08.
[8]	NOVO O. Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT[J]. IEEE Internet of Things Journal, 2018,5(2):1184-1195.
[9]	LI Dongxi, PENG Wei, DENG Wenping, et al. A Blockchain-based Authentication and Security Mechanism for IoT [C]//IEEE. 2018 27th International Conference on Computer Communication and Networks (ICCCN), July 30-August 2, 2018, Hangzhou, China. New York: IEEE, 2018: 1-6.
[10]	DING Sheng, CAO Jin, LI Chen, et al. A Novel Attribute-Based Access Control Scheme Using Blockchain for IoT[EB/OL]. https://xueshu.baidu.com/usercenter/paper/show?paperid=141f04x0se6y00u0tu2u0ph03p650563&site=xueshu_se, 2020-10-18.
[11]	JEMEL M, SERHROUCHNI A. Decentralized Access Control Mechanism with Temporal Dimension Based on Blockchain [C]//IEEE. Proceedings of the IEEE 14th International Conference on E-business Engineering, November 4-6, 2017, Shanghai, China. New York: IEEE, 2017: 177-182.
[12]	DAI Mingjun, ZHANG Shengli, WANG Hui, et al.A Low Storage Room Requirement Framework for Distributed Ledger in Blockchain[EB/OL].https://xueshu.baidu.com/usercenter/paper/show?paperid=6c168128a081cd96512b5eff4b30a3a5&site=xueshu_se, 2020-10-22.
[13]	CHENG Guanjie, HUANG Zhengjie, DENG Shuiguang. Internet of Things Data Management Based on Block Chain and Edge Computing[J]. Journal of Internet of Things, 2020,4(2):1-9.
	程冠杰, 黄诤杰, 邓水光. 基于区块链与边缘计算的物联网数据管理[J]. 物联网学报, 2020,4(2):1-9.
[14]	CONFAIS B, LEBRE A, PARREIN B. An Object Store Service for a Fog/Edge Computing Infrastructure Based on IPFS and A Scale-out NAS [C]//IEEE. 2017 IEEE 1st International Conference on Fog and Edge Computing (ICFEC), May 14-15, 2017, Madrid. New York: IEEE, 2017: 41-50.
[15]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy Attribute-based Encryption [C]//IEEE. 2007 IEEE Symposium on Security and Privacy, May 20, 2007, Berkeley, USA. New York: IEEE, 2007: 321-334.

编辑推荐 0

Metrics

阅读次数

全文

664

HTML			PDF

最新录用	在线预览	正式出版	最新录用	在线预览	正式出版
0	0	58	0	0	606

来源	本网站	其他网站

次数	596	68
比例	90%	10%

摘要

1015

最新录用	在线预览	正式出版

0	0	1015

	来源	本网站

	次数	1015
	比例	100%

文件大小/KB	500	1000	2000	3000	5000	10000
CP-ABE加密/ms	207	208	203	214	208	213
CP-ABE和SM4结合加密/ms	144	158	186	237	258	385
CP-ABE和AES结合加密/ms	134	145	151	165	191	258

文件大小/KB	500	1000	2000	3000	5000	10000
CP-ABE解密/ms	47	48	50	49	51	53
CP-ABE和SM4结合解密/ms	45	52	69	97	117	193
CP-ABE和AES结合解密/ms	44	51	62	70	90	123

文件大小/KB	500	1000	2000	3000	5000	10000
云服务器存储方案/ms	55	100	193	335	465	942
IPFS存储方案/ms	6	8	14	18	34	90

文件大小/KB	500	1000	2000	3000	5000	10000
云服务器存储方案/ms	54	96	182	264	438	876
IPFS存储方案/ms	11	19	33	47	70	152

方案	时间	机密性和完整性	可扩展性	细粒度的访问控制
文献[11]	2017年	强	弱	强
文献[12]	2018年	强	强	弱
文献[13]	2020年	强	强	弱
本文方案	2021年	强	强	强