CN108200066A - A kind of logistics big data access control system and method based on encryption attribute - Google Patents

A kind of logistics big data access control system and method based on encryption attribute Download PDF

Info

Publication number
CN108200066A
CN108200066A CN201810008764.3A CN201810008764A CN108200066A CN 108200066 A CN108200066 A CN 108200066A CN 201810008764 A CN201810008764 A CN 201810008764A CN 108200066 A CN108200066 A CN 108200066A
Authority
CN
China
Prior art keywords
key
data
logistics
encryption
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810008764.3A
Other languages
Chinese (zh)
Inventor
王海勇
彭垚
丁越
郭凯璇
潘启青
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Post and Telecommunication University
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing Post and Telecommunication University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Post and Telecommunication University filed Critical Nanjing Post and Telecommunication University
Priority to CN201810008764.3A priority Critical patent/CN108200066A/en
Publication of CN108200066A publication Critical patent/CN108200066A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a kind of logistics big data access control system and method based on encryption attribute, wherein, four entities are included in the system:Trusted authority center, logistics data owner, logistics data visitor, Cloud Server;Access control method includes the following steps:Common parameter initialization, the generation of user's decrypted private key, data encryption and data deciphering.The invention has the beneficial effects that:In the method, logistics data owner oneself oneself will think that logistics information to be sharing is uploaded to Cloud Server, solve the problems, such as how to realize that logistics data is shared between different loglstics enterprises;The method introduces the access control scheme of the encryption attribute based on Ciphertext policy, and the access control to user is also achieved while ensure that data confidentiality.Present invention primarily contemplates the computing cost problems for reducing data owner and data visitor, realize the fine-granularity access control and safety certification of user.

Description

A kind of logistics big data access control system and method based on encryption attribute
Technical field
The invention belongs to the field of information security technology in big data environment, specially a kind of logistics based on encryption attribute Big data access control system and method.
Background technology
In recent years, the extensive concern of all circles is received as the big data technology of the important component of information technology, and It has been widely applied to all directions such as logistics, power grid, electric business, traffic.China Logistics industry achieves winged in recent years The development of speed, nowadays, using information technology come to promote the fast development of logistic industry be also one of current hot spot direction.Logistics Big data generally refers mainly to the various information number that article is collected into the process of circulation by internet, Internet of Things and RFID etc. According to.Logistics information can be shared between different loglstics enterprises to realize that utilizing for data maximizes, is by carrying out data analysis User provides more reasonable and preferably service.
Cloud computing is a kind of new technique pattern that can provide various data services to the user, by will largely count Calculate money storage resource, the resources such as software effectively link together calculating, storage and the application service that provides to the user and can determine.But Logistics information generally comprises the private datas such as customer, enterprise, therefore under cloud computing environment, and the secret protection of logistics data is will The matter of utmost importance of solution.Encryption system based on attribute is relatively suitably applied the secure access of shared data under cloud computing environment Control program, many schemes are in terms of access control flexibility, safety and operational efficiency, all in the presence of the ground that can be improved and develop Side.
Invention content
The purpose of the present invention is to provide a kind of logistics big data access control system and method based on encryption attribute, with Solve the problems mentioned above in the background art.
To achieve the above object, the present invention provides a kind of logistics big data access control system and side based on encryption attribute Method, which is characterized in that including four entities:Trusted authorization center, logistics data owner, logistics data visitor, cloud service Device.
Trusted authorization center (TrustedAuthorization Center, TAC):It is mainly used for the public affairs of generation system Parameter PK and master key MK altogether, and participate in the negotiation of session key between Cloud Server and user.
Logistics data owner (Logistics Data Owner, LDO):Representative, which possesses, thinks logistics information to be sharing in plain text User.In this access control method, logistics data owner is not directly to carry out attribute to plaintext using Ciphertext policy to add It is close, but selected symmetric key carries out symmetric cryptography to data, the access strategy cryptographic symmetrical for then reusing oneself definition is close Key.
Logistics data visitor (Logistics Data Visitors, LDV):Logistics data visitor can read cloud Encryption data in storage server, it is then close so as to obtain decrypted symmetric key to TAC by submitting the attribute set of oneself The private key of text, if the user property of logistics data visitor meets the access strategy that logistics data owner defines, will pass through The private key decryption of TAC distributions obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message.
Cloud Server (Cloud Storage Provider, CSP):Cloud Server provides logistics data storage and logistics number According to two class services of management, it is believed that Cloud Server is suspicious but honest, it will honestly perform every appoint according to the rules Business.
For the system entity of foregoing description, the program comprises the steps of:
A. Setup (1 is initializedk):This part is completed by TAC, the multiplicative cyclic group G that selected order is p and generation member is g0, Construct Bilinear map e:G0×G 0→G T, generate common parameter PK and master key MK.
B. key generation KeyGen (MK, A, u):This algorithm is completed by TAC, generates the decrypted private key of logistics data visitor And the session key that CSP communicates with user securityWherein MK is system master key, and A represents user property set, u tables Show system ordinary user.
C. data encryption Encrypt (PK, Km,T,M):This algorithm is performed by data sharing person, and user defines access strategy T, with common parameter PK, plaintext M, symmetric cryptographic key KmAnd the access strategy T that user formulates is input, LDO uses symmetrical Encrypted mode carries out symmetric cryptography to the logistics data for wanting to upload, and selects a symmetric cryptographic key K firstmTo data into Row encryption generates the ciphertext C of plaintext M symmetric cryptographym, by CmAs the object of encryption attribute, after the encryption of ciphertext access strategy Symmetric key ciphertext Ck, ultimately generate ciphertext C.
D. data re-encryption ReEncrypt (Cm,Ck,G):This algorithm is performed by CSP, and CSP is each set of properties GiWith Machine selects a re-encrypted private keyAnd re-encryption ciphertext is established for each group of attribute, CSP utilizes the meeting negotiated Words key pair re-encrypted private key is encrypted, and generates a message header corresponding with the ciphertext
Wherein G represents the attribute of user group.
E. data deciphering Decypt (Ck,A,SK,Km):LDV obtains ciphertext and its corresponding message header Head, LDV profit from CSP Re-encrypted private key is obtained with session key decryption ciphertextCounterweight encrypted cipher text is decrypted to obtain C firstm, then using pair Claim key KmDecrypt ciphertext CmObtain plaintext M
Description of the drawings
Fig. 1 is present system frame diagram;
Fig. 2 is the access control flow chart of the present invention;
Fig. 3 is the access-control protocol flow chart of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.Based on this Embodiment in invention, the every other reality that those of ordinary skill in the art are obtained without making creative work Example is applied, shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention provides a kind of logistics big data access control system and method based on encryption attribute, it is System includes following four entities:
A. trusted authorization center (Trusted Authorization Center, TAC):It is mainly used for generation system Common parameter PK and master key MK, and participate in the negotiation of session key between Cloud Server and user.
B. logistics data owner (Logistics Data Owner, LDO):Representative, which possesses, thinks that logistics information to be sharing is bright The user of text.In this access control method, logistics data owner is not directly to carry out attribute to plaintext using Ciphertext policy Encryption, but selected symmetric key carries out symmetric cryptography to data, then reuses the access strategy cryptographic symmetrical of oneself definition Key.
C:Logistics data visitor (Logistics Data Visitors, LDV):Logistics data visitor can read Encryption data on cloud storage service device, then by submitting the attribute set of oneself to TAC so as to obtain decrypted symmetric key The private key of ciphertext, will be logical if the user property of logistics data visitor meets the access strategy that logistics data owner defines The private key decryption for crossing TAC distributions obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message.
D:Cloud Server (Cloud Storage Provider, CSP):Cloud Server provides logistics data storage and logistics Two class service of data management, it is believed that Cloud Server is suspicious but honest, it will honestly perform items according to the rules Task.
Referring to Fig. 2, the present invention provides a kind of logistics big data access control method and system based on encryption attribute, visit Ask that control method comprises the following steps:
A. Setup (1 is initializedk):This part is completed by TAC, generates common parameter PK and master key MK.
Specifically, step A further comprises:
A-a:Select multiplicative cyclic group G of the order for element p numbers0, wherein G0A generation member for g, define open mapping H: {0,1}*→G0
A-b:Construct Bilinear map e:G0×G0→GT
A-c:Select random number α, β ∈ Zp, computing system common parameter PK and system master key MK, wherein ZpRepresent mould p's Integer, specific configuration are as follows:
PK={ G0, g, h=gβ,e(g,g)α, MK={ β, gα}
B. key generation KeyGen (MK, A, u):This algorithm is completed by TAC, generates the decrypted private key of logistics data visitor And the session key that CSP communicates with user security, wherein MK are system master key, A represents user property set, and u represents system Unite ordinary user.
Specifically, step B further comprises:
B-a:The generation of user's decrypted private key SK.TAC performs algorithm KeyGen (MK, A, u) and generates logistics data visitor Decrypted private key SK, trusted authorization center selection r ∈ Zp, and select random number r for attribute i ∈ A each in attribute seti∈ Zp, SK is exported as input parameter, it is specific as follows:
B-b:The generation of session key.In order to ensure user uiSecure communication between CSP, using public encryption system A session key is negotiated with key agreement protocol
Specifically, step B-b further comprises:
B-b1:CSP by the identity of oneself and access ciphertext user uiIdentity issue TAC, it is specific as follows:
B-b2:TAC sends a public key certificate to CSP, specific as follows:
B-b3:CSP sends a session key to userAnd with the private key SK of oneselfCSPAnd the public key of userIt is encrypted, and ciphertext is issued to user u together with public key certificatei, it is specific as follows:
C. data encryption Encrypt (PK, Km,T,M):This algorithm is performed by data sharing person, with common parameter PK, plaintext M, symmetric cryptographic key KmAnd the access strategy that user formulates is input, can generate the ciphertext C of plaintext M symmetric cryptography in the processm And utilize the encrypted symmetric key ciphertext C of ciphertext access strategyk, ultimately generate ciphertext C.
Specifically, step C further comprises:
C-a:User defines the tree-like access structure T of Ciphertext policy, and algorithm needs each node definition to access tree One multinomial qx, since root node root, the multinomial of each node is generated at random using top-down mode, if The threshold value for accessing tree construction interior joint x is kx, then the degree d of the nodexIt is set as kx-1。
C-b:Data owner setsRandomly choose drootA node completes multinomial qroot's Definition for the node x other than root node, sets qx(0)=qparent(x)(index (x)), multinomial others dxEach node according to It is old that random manner is taken to select.
C-c:LDO carries out symmetric cryptography using the mode of symmetric cryptography to the logistics data for wanting to upload, and first selects one Symmetric cryptographic key KmData are encrypted, it is specific as follows:
C-d:By KmAs the object of encryption attribute, C is calculatedk, it is specific as follows:
Wherein i represents property element corresponding with leafy node y.
C-e:By CkAnd CmIt is uploaded to Cloud Server.
D. data re-encryption ReEncrypt (Cm,Ck,G):This algorithm is performed by CSP, when the attribute of logistics data owner When set changes, CSP is needed to CkRe-encryption operation is carried out, wherein G represents the attribute of user group.
Specifically.Step D further comprises:
D-a:CSP is each set of properties GiRandomly choose a re-encrypted private keyAnd it is each group of category Property establishes re-encryption ciphertext, specific as follows:
D-b:CSP is encrypted re-encrypted private key using the session key of negotiation, and generation one is corresponding with the ciphertext Message header Head:
E. data deciphering Decypt (Ck,A,SK,Km):Logistics data visitor first obtains ciphertext from cloud server end, then Perform this operation.
Specifically, step E further comprises:
E-a:LDV obtains ciphertext from CSP and its corresponding message header Head, LDV are weighed using session key decryption ciphertext Encryption key, i.e.,:
E-b:Define recursive decipherment algorithm DecryptNode (Ck, SK, x), for the leafy node in access strategy, I=att (x) is defined, for non-leaf nodes x, defines i=index (z), S'x={ index (z):z∈Sx,Specific decryption is as follows:
Wherein z represents the child node of node x.
E-c:Counterweight encrypted cipher text first is decrypted, and then utilizes the symmetric key K obtained in step E-bmDecryption obtains It obtains in plain text, it is specific as follows:

Claims (7)

1. a kind of logistics big data access control system based on encryption attribute, which is characterized in that including four entities:Trusted Authorization center, logistics data owner, logistics data visitor, Cloud Server are attached by internet between four entities, Specially:
A. trusted authorization center Trusted Authorization Center, TAC:For generating the common parameter PK of system With master key MK, and the negotiation of session key between Cloud Server and user is participated in;
B. logistics data owner Logistics Data Owner, LDO:Represent the use for possessing and thinking logistics information plaintext to be sharing Family;In this access control method, logistics data owner is not directly to carry out encryption attribute to plaintext using Ciphertext policy, and It is that selected symmetric key carries out symmetric cryptography to data, then reuses the access strategy encrypted symmetric key of oneself definition;
C:Logistics data visitor Logistics Data Visitors, LDV:Logistics data visitor can read cloud storage Encryption data on server, then by submitting the attribute set of oneself to TAC so as to obtain decrypted symmetric key ciphertext Private key if the user property of logistics data visitor meets the access strategy that logistics data owner defines, will pass through TAC points The private key decryption of hair obtains symmetric cryptographic key, it is hereby achieved that in plain text, otherwise will be unable to obtain clear-text message;
D:Cloud Server Cloud Storage Provider, CSP:Cloud Server provides logistics data storage and logistics data pipe Manage two class services, it is believed that Cloud Server is suspicious but honest, it will honestly perform each task according to the rules.
2. the method for system according to claim 1, which is characterized in that comprise the steps of:
A. it initializes:Perform Setup (1k), this part is completed by TAC, generates common parameter PK and master key MK;
B. key generates:KeyGen (MK, A, u) is performed, this algorithm is completed by TAC, and the decryption for generating logistics data visitor is private The session key that key and CSP communicate with user security, wherein MK are system master key, and A represents user property set, and u is represented System ordinary user;
C. data encryption:Perform Encrypt (PK, Km, T, M), this algorithm is performed by data sharing person, with common parameter PK, plaintext M, symmetric cryptographic key KmAnd the access strategy that user formulates is input, can generate the ciphertext C of plaintext M symmetric cryptography in the processm And utilize the encrypted symmetric key ciphertext C of ciphertext access strategyk, ultimately generate ciphertext C;
D. data re-encryption:Perform Re Encrypt (Cm, Ck, G), this algorithm is performed by CSP, when the category of logistics data owner When property set changes, CSP is needed to CkRe-encryption operation is carried out, wherein G represents the attribute of user group;
E. data deciphering:Perform Decypt (Ck, A, SK, Km), logistics data visitor will hold after obtaining ciphertext from cloud server end This operation of row.
3. according to the method described in claim 2, it is characterized in that, the step A is further included:
A-a:Select multiplicative cyclic group G of the order for element p numbers0, wherein G0A generation member for g, define open mapping H:{ 0,1 }* →G0
A-b:Construct Bilinear map e:G0×G0→GT
A-c:Select random number α, β ∈ Zp, computing system common parameter PK and system master key MK, wherein ZpRepresent that mould p's is whole Number, specific configuration are as follows:
PK={ G0, g, h=gβ, e (g, g)α, MK={ β, gα}。
4. according to the method described in claim 2, it is characterized in that, the step B is further included:
B-a:The generation of user's decrypted private key SK;TAC performs the solution that algorithm KeyGen (MK, A, u) generates logistics data visitor Close private key SK, trusted authorization center selection r ∈ Zp, and select random number r for attribute i ∈ A each in attribute seti∈Zp, with This exports SK for input parameter, specific as follows:
B-b:The generation of session key.In order to ensure user uiSecure communication between CSP, using public encryption system and close Key agreement protocol negotiates a session key
5. according to the method described in claim 2, it is characterized in that, the step C is further included:
C-a:User defines the tree-like access structure T of Ciphertext policy, and algorithm needs each node definition one to access tree Multinomial qx, since root node root, the multinomial of each node is generated at random using top-down mode, if accessed The threshold value of tree construction interior joint x is kx, then the degree d of the nodexIt is set as kx-1;
C-b:Data owner setsRandomly choose drootA node completes multinomial qrootDefinition, For the node x other than root node, q is setx(0)=qparent(x)(index (x)), multinomial others dxEach node is still adopted Random manner is taken to select;
C-c:LDO carries out symmetric cryptography using the mode of symmetric cryptography to the logistics data for wanting to upload, and first selection one is symmetrical Encryption key KmData are encrypted, it is specific as follows:
C-d:By KmAs the object of encryption attribute, C is calculatedk, it is specific as follows:
Wherein calculating formula att (y) represents property element corresponding with leafy node y;
C-e:By CkAnd CmIt is uploaded to Cloud Server.
6. according to the method described in claim 2, it is characterized in that, the step D is further included:
D-a:CSP is each set of properties GiRandomly choose a re-encrypted private keyAnd it is built for each group of attribute Vertical re-encryption ciphertext, it is specific as follows:
D-b:CSP is encrypted re-encrypted private key using the session key of negotiation, and generates one and corresponding with the ciphertext disappear Cease head Head:
7. according to the method described in claim 2, it is characterized in that, the step E is further included:
E-a:LDV obtains ciphertext from CSP and its corresponding message header Head, LDV obtain re-encryption using session key decryption ciphertext Key, i.e.,:
E-b:Define recursive decipherment algorithm DecryptNode (Ck, SK, x), for the leafy node in access strategy, define i=att (x), for non-leaf nodes x, i=index (z), S ' are definedx={ index (z):z∈Sx,Tool Body decryption is as follows:
Wherein z represents the child node of node x;
E-c:Counterweight encrypted cipher text first is decrypted, and then utilizes the symmetric key K obtained in step E-bmDecryption obtains bright Text, it is specific as follows:
CN201810008764.3A 2018-01-04 2018-01-04 A kind of logistics big data access control system and method based on encryption attribute Pending CN108200066A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810008764.3A CN108200066A (en) 2018-01-04 2018-01-04 A kind of logistics big data access control system and method based on encryption attribute

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810008764.3A CN108200066A (en) 2018-01-04 2018-01-04 A kind of logistics big data access control system and method based on encryption attribute

Publications (1)

Publication Number Publication Date
CN108200066A true CN108200066A (en) 2018-06-22

Family

ID=62588363

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810008764.3A Pending CN108200066A (en) 2018-01-04 2018-01-04 A kind of logistics big data access control system and method based on encryption attribute

Country Status (1)

Country Link
CN (1) CN108200066A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108200074A (en) * 2018-01-14 2018-06-22 南京邮电大学 A kind of logistics big data access control system and method based on encryption attribute
CN109492427A (en) * 2018-10-17 2019-03-19 航天信息股份有限公司 Online shopping method and device
CN109756499A (en) * 2019-01-07 2019-05-14 陈庆梅 Big data secure access control system
CN109831444A (en) * 2019-02-28 2019-05-31 南京邮电大学 A kind of encryption attribute cloud storage access control method based on agency
CN110012312A (en) * 2019-03-28 2019-07-12 南京信息工程大学 The access control method based on key management suitable for pay television system
CN110113300A (en) * 2019-03-20 2019-08-09 云南财经大学 A kind of big data secure access control system
CN110311779A (en) * 2019-07-31 2019-10-08 杭州项帮科技有限公司 A kind of encryption attribute method of fraction key mechanism
CN110400642A (en) * 2019-06-12 2019-11-01 梁胤豪 A kind of medical data shared system and design method based on block chain technology
CN112906030A (en) * 2021-03-09 2021-06-04 浙江万里学院 Data sharing method and system based on multi-party fully homomorphic encryption
CN113676453A (en) * 2021-07-17 2021-11-19 中国人民解放军战略支援部队信息工程大学 Data encryption system and method for data resource safety access

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103701833A (en) * 2014-01-20 2014-04-02 深圳大学 Ciphertext access control method and system based on cloud computing platform
CN104113408A (en) * 2014-07-11 2014-10-22 西安电子科技大学 Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption
CN105071937A (en) * 2015-07-14 2015-11-18 河海大学 Ciphertext poly attribute base encryption method having efficient attribute revocation capability
CN106209357A (en) * 2016-07-06 2016-12-07 杨炳 A kind of ciphertext based on cloud computing platform accesses control system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103701833A (en) * 2014-01-20 2014-04-02 深圳大学 Ciphertext access control method and system based on cloud computing platform
CN104113408A (en) * 2014-07-11 2014-10-22 西安电子科技大学 Method for realizing timely user attribute cancel based on ciphertext-policy attribute-based encryption
CN105071937A (en) * 2015-07-14 2015-11-18 河海大学 Ciphertext poly attribute base encryption method having efficient attribute revocation capability
CN106209357A (en) * 2016-07-06 2016-12-07 杨炳 A kind of ciphertext based on cloud computing platform accesses control system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
熊安萍: "云存储环境下基于属性的密文策略访问控制机制研究", 《中国博士学位论文全文数据库 信息科技辑》 *

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108200074A (en) * 2018-01-14 2018-06-22 南京邮电大学 A kind of logistics big data access control system and method based on encryption attribute
CN109492427A (en) * 2018-10-17 2019-03-19 航天信息股份有限公司 Online shopping method and device
CN109756499A (en) * 2019-01-07 2019-05-14 陈庆梅 Big data secure access control system
CN109756499B (en) * 2019-01-07 2020-02-21 武汉东湖大数据交易中心股份有限公司 Big data security access control system
CN109831444A (en) * 2019-02-28 2019-05-31 南京邮电大学 A kind of encryption attribute cloud storage access control method based on agency
CN110113300A (en) * 2019-03-20 2019-08-09 云南财经大学 A kind of big data secure access control system
CN110012312B (en) * 2019-03-28 2021-09-28 南京信息工程大学 Key management based access control method suitable for pay television system
CN110012312A (en) * 2019-03-28 2019-07-12 南京信息工程大学 The access control method based on key management suitable for pay television system
CN110400642A (en) * 2019-06-12 2019-11-01 梁胤豪 A kind of medical data shared system and design method based on block chain technology
CN110311779A (en) * 2019-07-31 2019-10-08 杭州项帮科技有限公司 A kind of encryption attribute method of fraction key mechanism
CN110311779B (en) * 2019-07-31 2022-03-04 北京车讯互联网股份有限公司 Attribute encryption method of authority-sharing key mechanism
CN112906030A (en) * 2021-03-09 2021-06-04 浙江万里学院 Data sharing method and system based on multi-party fully homomorphic encryption
CN113676453A (en) * 2021-07-17 2021-11-19 中国人民解放军战略支援部队信息工程大学 Data encryption system and method for data resource safety access
CN113676453B (en) * 2021-07-17 2023-10-20 中国人民解放军战略支援部队信息工程大学 Data encryption system and method for secure access of data resources

Similar Documents

Publication Publication Date Title
CN108200066A (en) A kind of logistics big data access control system and method based on encryption attribute
US11720891B2 (en) Method and system for zero-knowledge and identity based key management for decentralized applications
CN104486307B (en) A kind of fraction key management method based on homomorphic cryptography
CN104079574B (en) User privacy protection method based on attribute and homomorphism mixed encryption under cloud environment
CN103618728B (en) A kind of encryption attribute method at more mechanism centers
CN103959735B (en) For providing the system and method communicated in safe multicasting cluster
CN103401839B (en) A kind of many authorization center encryption method based on attribute protection
CN107483198A (en) A kind of block catenary system supervised and method
CN107864139A (en) A kind of cryptography attribute base access control method and system based on dynamic rules
CN105991278A (en) Ciphertext access control method based on CP-ABE (Ciphertext-Policy Attribute-Based Encryption)
CN107196926A (en) A kind of cloud outsourcing privacy set comparative approach and device
Huang et al. Blockchain-assisted transparent cross-domain authorization and authentication for smart city
CN106209357A (en) A kind of ciphertext based on cloud computing platform accesses control system
Zhang et al. Feacs: A flexible and efficient access control scheme for cloud computing
CN107864040A (en) A kind of intelligent grid big data information management system based on safe cloud computing
CN108400862A (en) A kind of intelligent power trusted end-user data fusion encryption method
CN108600174A (en) A kind of access control mechanisms and its implementation of big merger network
Zhang et al. A secure revocable fine-grained access control and data sharing scheme for SCADA in IIoT systems
CN105790929B (en) Access control method in a kind of encryption environment that rule-based redundancy is eliminated
CN108200074A (en) A kind of logistics big data access control system and method based on encryption attribute
CN114697042A (en) Block chain-based Internet of things security data sharing proxy re-encryption method
Aluvalu et al. A novel and secure approach for quantum key distribution in a cloud computing environment
Manjusha et al. Comparative study of attribute based encryption techniques in cloud computing
CN110492997A (en) A kind of encryption system based on super account book, method, apparatus and storage medium
Moon et al. An AAA scheme using ID-based ticket with anonymity in future mobile communication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180622