张艺帆, 庄富, 林果园. 基于联盟链的云访问控制技术研究[J]. 微电子学与计算机, 2021, 38(7): 79-84.
引用本文: 张艺帆, 庄富, 林果园. 基于联盟链的云访问控制技术研究[J]. 微电子学与计算机, 2021, 38(7): 79-84.
ZHANG Yifan, ZHUANG Fu, LIN Guoyuan. Research on cloud access control technology based on consortium blockchains[J]. Microelectronics & Computer, 2021, 38(7): 79-84.
Citation: ZHANG Yifan, ZHUANG Fu, LIN Guoyuan. Research on cloud access control technology based on consortium blockchains[J]. Microelectronics & Computer, 2021, 38(7): 79-84.

基于联盟链的云访问控制技术研究

Research on cloud access control technology based on consortium blockchains

  • 摘要: 针对云存储环境中单授权中心的安全性问题,提出一种以CP-ABE模型为基础,同时基于联盟区块链的可撤销多授权机构访问控制模型(Revocable Multi-Authority Access Control Based on Consortium Blockchain, RMACB).该模型以树形结构描述属性授权中心(Attribute Authority, AA),同时利用可信证书链(Trusted Certificate Chain, TCC)和成员服务提供商(Membership Service Provider, MSP)对联盟链上的节点进行身份管理和权限控制.将用户密钥嵌入到密文中去,实现可撤销的云访问控制技术,由云服务提供商来执行重加密过程,减轻了数据所有者的加密负担.实验验证了提出方案具有更低的计算成本和较高的安全性.

     

    Abstract: Aiming at the security problem of single authorization center in cloud storage environment, a revocable multi-authority access control based on CP-ABE model and federated block chain is proposed. Attribute Authority (AA) is described in a tree structure.At the same time, the Trusted Certificate Chain (TCC) and Membership Service Provider (MSP) are used to manage the identity and control the permissions of the nodes in the Chain. By embedding the user key into the ciphertext, the retractable cloud access control technology is realized, and the re-encryption process is performed by the cloud service provider, which reduces the encryption burden of the data owner. Experimental verification and analysis show that the proposed scheme has lower computational cost and higher security.

     

/

返回文章
返回