CN108418784B - Distributed cross-domain authorization and access control method based on attribute password - Google Patents
- Publication number
- CN108418784B CN201711260376.6A
- Authority
- CN
- China
- Prior art keywords
- user
- attribute
- key
- gid
- service node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0847—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a distributed cross-domain authorization and access control method based on attribute-based cryptography, mainly intended to solve the cross-domain authorization and access control problems in large-scale distributed environments. The invention designs a multi-authority (AAs) hierarchical attribute-based encryption mechanism with controlled key delegation (MA-HABE-CKD), which supports decentralized, controlled security authorization for users in multiple domains, prevents abuse of key delegation, and on that basis realizes non-interactive access control. The method also supports outsourced decryption, so that lightweight users can obtain authorization to access the system.
Description
Technical Field
The invention belongs to the field of secure data storage and access within the discipline of computer information security, and particularly relates to a distributed cross-domain authorization and access control method in a distributed environment.
Background
With the rapid development of computer technology and the internet, a large amount of the data generated every day is stored on computers in digital form. Cloud computing is an emerging technology in which users lease the storage and computing resources of servers (also called a cloud) provided by a company. The user only needs an internet-connected terminal, smartphone or tablet computer. Applications run in the cloud, not on the user's machine. The cloud can store large amounts of data, so mobile users do not have to carry their data with them. Some cloud providers offer application services (e.g., Google Apps, Microsoft online), and some provide infrastructure support (e.g., Amazon's EC2, Eucalyptus, Nimbus). This kind of distributed data access is becoming a trend: cloud computing provides an effective solution for storing and processing massive data and offers a large number of different types of services. Fog computing, currently a widely discussed topic, offers low latency, location awareness and widely distributed nodes. In real-life environments, fog computing devices can not only improve the efficiency of data computation but also feed data back to the user in time. Because fog devices are widely distributed geographically, users can access data effectively and quickly. Relying on technologies such as distributed processing, storage and virtualization, fog computing is an effective solution for the management, analysis and mining of data. In a fog computing environment, a user can store data on a fog device, but this storage mode causes the user to lose security management control over the data, which brings great potential security risks to the data on the fog device.
For example, if the sensitive data stored in smart bracelets, smart homes and smart office systems is revealed, it can have a great negative effect on people's daily life and work.
However, the user's requirement to protect private data can be met through data encryption and access control. Traditional access control requires a fully trusted server and a trusted administrator; the number of users in the system and the size of the stored data become a bottleneck for system efficiency, and if the server is compromised by an attacker, the private user data stored on it is leaked. Traditional access control is therefore not suitable for the fog computing environment. Traditional public-key or symmetric encryption mechanisms need to generate different keys for different users, so the encryptor must encrypt the same file under different keys and store the results on the server. In a fog computing environment, a data owner does not need to know in advance which users will access the data and only needs to encrypt the data to be shared according to an encryption policy; an encryption scheme built on a traditional access control mechanism cannot provide such fine-grained access. Traditional encryption and access control methods therefore cannot be applied effectively in the fog computing environment.
Given these problems, Attribute-Based Encryption (ABE) is currently considered one of the technologies best suited to protecting private data in a fog computing environment and realizing fine-grained data access. It provides a one-to-many encrypted access control mechanism and is scalable and distributed. ABE has two extended forms: ciphertext-policy ABE (CP-ABE) and key-policy ABE (KP-ABE). In CP-ABE, each user's key is associated with a set of attributes and the ciphertext is associated with an access structure; in KP-ABE, conversely, the ciphertext is associated with a set of attributes and the user's key is associated with an access structure. When ABE is applied to a fog computing environment, CP-ABE is the more suitable choice for data access control: the data owner can effectively manage and control the private data stored on the fog device and can freely define which attributes a user must hold to access that data.
In a fog environment, however, there is a further need: in specific situations a user needs to delegate his or her own key to other users. This not only lets the user make full use of the key but also, to a certain extent, reduces the computational overhead and inefficiency of having the user submit a registration request to the system every time. In existing attribute-based encryption research, Wang et al., in "Hierarchical attribute-based encryption for fine-grained access control in cloud storage services", propose an effective key delegation mechanism in a hierarchical attribute-based encryption scheme that realizes key delegation among users. CN105915333A proposes an efficient key distribution method, but only a single attribute authority distributes keys, which greatly increases the burden on the authority in practice. Chinese patent document CN2015101068880.5, entitled "a distributed access control method based on attribute encryption", proposes an encryption method that protects the privacy and security of data and realizes efficient, distributed and scalable fine-grained access control; it shares the workload of a single authority among multiple authorities and realizes efficient outsourced decryption and user revocation, but it does not manage attributes hierarchically and is inefficient. CN106059763A proposes a hierarchical ciphertext encryption strategy based on multiple authorities, but does not support key delegation. In addition, Luan I et al., in "Mediated Ciphertext-Policy Attribute-Based Encryption and Its Application", propose a mediated attribute-based encryption mechanism that introduces key separation and realizes instant user revocation.
Disclosure of Invention
In view of this, the technical problem to be solved by the present invention is to provide a distributed cross-domain authorization and access control method based on attribute-based cryptography. The invention designs a multi-authority (AAs) hierarchical attribute-based encryption mechanism with controlled key delegation (MA-HABE-CKD), which supports decentralized, controlled security authorization for users in multiple domains, prevents abuse of key delegation, and on that basis realizes non-interactive access control. The method also supports outsourced decryption, so that lightweight users can obtain authorization to access the system. In other words, the method not only meets the requirement for efficient multi-authority attribute-based encryption in a distributed environment but also provides an access control mechanism with key delegation.
In order to achieve this purpose, the invention provides the following technical solution:
The system model of the present invention is shown in FIG. 1. The model is composed of five entities: trusted identity federation providers (FIPs), service providers (SPs), data owners, service nodes (SNs), and users. The FIP is responsible for authenticating and registering users and distributes a global identity (GID), a certificate and a user global private key to each legitimate user. Each SP operates independently and manages the attributes in its own domain; the SPs are also responsible for distributing attribute keys to registered legitimate users, sending the user's attribute key shares $UASK_{GID,1}$ and $UASK_{GID,2}$ to the service node and the user, respectively. The data owner encrypts data under a defined access structure and stores the encrypted data on a service node, which provides storage and access services. When a legitimate user accesses authorized data, the service node first retrieves the user's attribute key, then uses it to pre-decrypt the ciphertext, generating a decryption token (DT), and sends the DT and the ciphertext to the user; the user then decrypts the ciphertext with the global private key and the DT to obtain the requested data.
The invention provides a hierarchical attribute encryption method in a distributed environment, which comprises the following steps:
S1: System initialization: generate the system public parameters, the public/private key pairs of the service providers (SPs), the public/private key pairs of the attributes, and the public/private key pair of the identity federation provider (FIP);
S2: Data encryption: the data owner encrypts the data and stores the encrypted data on a service node (SN);
S3: User registration and key generation: the user requests registration; the FIP allocates a global identifier (GID) to the user and distributes a signed attribute certificate and a global private key to the user; the SPs distribute the corresponding attribute private key to the user based on the user's attribute certificate. The attribute private key is divided into two parts: one part is sent to the user and the other to the service node;
S4: Accessing data: the user submits a data access request to the service node SN; if and only if the user's attribute set satisfies the access structure in the ciphertext, the ciphertext is decrypted jointly by the user and the service node. The service node carries out part of the decryption computation, which reduces the burden on the end user;
S5: User attribute key delegation: only when the user and the service node SN cooperate, i.e. under the control of the service node, can an upper-layer user generate an attribute key for a lower-layer user, which enables secure key delegation.
Further, the step S1 includes the following steps:
S11: Identity federation provider FIP initialization: input a security parameter and generate the system public parameters and the public/private key pair of the identity federation provider;
S12: Service provider SPs initialization, including:
S121: each service provider SP receives the system public parameters and the public key of the FIP from the identity federation provider FIP;
S122: each service provider SP defines attributes, builds an attribute tree and generates public/private key pairs for the attributes it manages.
Further, the step S2 includes the following steps:
S21: the data owner receives the system public parameters from the identity federation provider FIP and the attribute public keys from the service providers;
S22: for data m to be encrypted, the data owner defines an access structure A for the data based on a global attribute set S, denoted by (M, ρ, τ), where M is an access matrix of l rows and n columns, the function ρ(i) maps the i-th row of the matrix M to an attribute vector in S, and a function maps the attribute vector to the attribute tree τ;
S23: the data owner selects a random number s and a random array from $Z_p$, and lets s be the first element of the vector;
S25: select random numbers $r_i \in Z_p$, $i \in \{1, 2, \ldots, l\}$;
S26: encrypt the message m and output a ciphertext CT;
S27: the data owner uploads the ciphertext CT to the service node.
Further, the step S3 includes the following steps:
S31: a user requests to join the system and submits identity information to the identity federation provider (FIP) for registration;
S32: the FIP first authenticates the user;
S33: if the user is legitimate, the FIP allocates a global identity GID to the user and issues a certificate and a global private key to the user. The certificate contains the user's global identity GID, the user's attribute list and the user's global public key; the FIP signs the certificate with its private key and sends the certificate and the private key to the user over a secure channel. If the user is not legitimate, the FIP refuses to let the user join the system;
S34: when the user receives the certificate and the global private key sent by the FIP, the user sends the certificate to the relevant service providers SPs;
S35: after receiving the user's certificate, the SPs verify it using the public key of the FIP;
S36: the SPs check whether the user's global identity GID belongs to the user revocation list (URL); if it does not, the SPs generate two shares of the attribute private key, $UASK_{GID,1}$ and $UASK_{GID,2}$, for the user based on the user's attribute list; if GID ∈ URL, the SPs terminate the operation;
S37: the SPs send the user's attribute private key shares $UASK_{GID,1}$ and $UASK_{GID,2}$ to the service node SN and the user, respectively.
Further, the step S4 includes the following steps:
S41: a user with global identity GID sends a data access request to the SN together with the user's certificate;
S42: the service node SN verifies the certificate using the public key of the identity federation provider FIP and checks whether the user's global identity GID belongs to the user revocation list (URL);
S44: the service node SN retrieves the user's attribute private key $UASK_{GID,1}$;
S45: the service node SN uses the user's attribute private key to pre-decrypt the ciphertext and generates a decryption token DT;
wherein S45 includes the following steps:
S451: let and $I = \{i : \rho(i) \in R_A\}$, where $R_A$ represents the set of attribute vectors corresponding to the access structure A. If, according to the access matrix M, $\{\lambda_i\}_{i \in I}$ are valid shares of the encryption exponent s, then there exist recovery coefficients $\{w_i \in Z_p\}_{i \in I}$ that can reconstruct the encryption exponent. First, the service node SN obtains the recovery coefficients $\{w_i \in Z_p\}_{i \in I}$;
S452: the service node SN then calculates the decryption token DT;
S46: the service node SN sends the decryption token DT to the user;
S47: finally, the user decrypts the ciphertext using the attribute private key $UASK_{GID,2}$ and the decryption token DT; if the user's attributes satisfy the access structure in the ciphertext, decryption succeeds; if not, decryption fails.
Further, the step S5 includes the following steps:
S51: a lower-layer user with global identity GID' requests a delegated key from an upper-layer user with global identity GID;
S52: the upper-layer user with global identity GID calculates $UASK_{GID',2}$;
S53: the upper-layer user calculates a key token KT;
S54: the upper-layer user delegates the attribute key $UASK_{GID',2}$ to the lower-layer user;
S55: the upper-layer user sends a key delegation request to the service node SN together with the key token KT;
S56: the service node SN first checks whether the user is legitimate according to the key token KT sent by the user;
S57: if the user is legitimate, the SN executes the key delegation request; if not, it rejects the request;
S58: the service node SN generates the corresponding attribute key $UASK_{GID',2}$ and stores it on the service node SN.
The advantages of the invention are as follows. The invention provides a multi-authority hierarchical attribute-based encryption mechanism in which each SP operates independently without affecting the others. By using multiple SPs, the invention shares the workload previously borne by a single SP and effectively prevents an SP from becoming a bottleneck and a security weakness of the system. In addition, the invention prevents user collusion by having the FIP assign a global identity GID to each user in the system. The FIP must be fully trusted in this system, because it is unique and holds the GIDs of all users in the system.
In addition, the invention uses a key separation technique to divide the user's private key into a user global private key and a user attribute private key. The user global private key is held only by the user; the user attribute private key is divided into two parts, one stored by the user and the other by the SN. Therefore none of the three entities (user, SP and SN) is able to fully decrypt a ciphertext on its own. When the user needs to decrypt a ciphertext, the user can decrypt it correctly with the assistance of the SN, and the SN can help the user only when the user's attributes satisfy the access structure in the ciphertext; this mode of data access strengthens the security of the system to a certain extent. Moreover, the invention not only protects the privacy of data in a distributed environment but also makes data access effective and fast: part of the decryption is delegated to the SN, and because the SN holds only part of the user's attribute private key, it can only partially decrypt the ciphertext, which improves decryption efficiency while preserving the security of the system.
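The key separation described above, as an added example that is not part of the patent: toy ElGamal over the integers modulo a prime stands in for the pairing-based scheme, whose formulas this page does not reproduce, and the decryption exponent is split additively so that the service node's token and the user's share are both needed. All names (`split_keygen`, `ServiceNode`, `user_decrypt`) and parameters are hypothetical.

```python
"""Two-share decryption with a revocation gate at the service node (added example)."""
import secrets

P = 2**127 - 1  # prime modulus of the toy group (assumption; not the patent's pairing group)
G = 3           # fixed base element of the toy group


def split_keygen():
    """SP side: pick a decryption exponent as the sum of two random shares."""
    x1 = secrets.randbelow(P - 1)  # share 1, sent to the service node
    x2 = secrets.randbelow(P - 1)  # share 2, sent to the user
    public = pow(G, (x1 + x2) % (P - 1), P)
    return public, x1, x2


def encrypt(public, message):
    """Data owner side: ElGamal encryption of an integer 0 < message < P."""
    r = secrets.randbelow(P - 2) + 1
    return pow(G, r, P), message * pow(public, r, P) % P


class ServiceNode:
    """Holds share 1 for each GID and refuses to help revoked users."""

    def __init__(self):
        self.shares = {}      # GID -> share 1
        self.revoked = set()  # user revocation list (URL)

    def enroll(self, gid, share1):
        self.shares[gid] = share1

    def revoke(self, gid):
        self.revoked.add(gid)

    def decryption_token(self, gid, ciphertext):
        """Return the partial decryption DT, or None for revoked or unknown users."""
        if gid in self.revoked or gid not in self.shares:
            return None
        c1, _ = ciphertext
        return pow(c1, self.shares[gid], P)


def user_decrypt(share2, token, ciphertext):
    """User side: combine the SN's token with the user's own share."""
    c1, c2 = ciphertext
    mask = token * pow(c1, share2, P) % P  # equals public**r when both shares are used
    return c2 * pow(mask, -1, P) % P


if __name__ == "__main__":
    public, sn_share, user_share = split_keygen()
    sn = ServiceNode()
    sn.enroll("gid-alice", sn_share)          # constructed GID
    secret = int.from_bytes(b"fog-data", "big")
    ct = encrypt(public, secret)

    dt = sn.decryption_token("gid-alice", ct)
    print("joint decryption ok:", user_decrypt(user_share, dt, ct) == secret)
    print("user alone ok:", user_decrypt(user_share, 1, ct) == secret)
    sn.revoke("gid-alice")
    print("token after revocation:", sn.decryption_token("gid-alice", ct))
```

Because the service node checks the revocation list before every token, removing a GID there takes effect on the next access request without re-encrypting any stored ciphertext.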
The invention designs a novel method for delegating user attribute keys. In the system, user attributes are arranged in layers, and the SPs and the FIP only need to distribute keys to upper-layer users. When a lower-layer user wants to access data on the SN, that user makes a key request to an upper-layer user, who can then request help from the SN. With the assistance of both, the lower-layer user obtains a new attribute private key, and the SN also generates and stores a new attribute private key for the lower-layer user. The key delegation in the invention is therefore controlled: it prevents misuse of user key delegation, and because the SN is not fully trusted, requiring cooperation between the user and the SN makes key delegation safer and more reliable.
Drawings
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings, in which:
FIG. 1 is a system model;
wherein: (1) registering a user; (2) distributing a global private key and a certificate to a user; (3) sending an attribute key request; (4) distributing the attribute key; (5) uploading the ciphertext; (6) sending an access request; (7) providing a decryption token; (8) requesting a key delegate; (9) key delegation; (10) sending a key token;
FIG. 2 is a block flow diagram of the present invention;
FIG. 3 is a block diagram of a system initialization process;
FIG. 4 is a block diagram of a data encryption flow;
FIG. 5 is a block diagram of a user key generation flow;
FIG. 6 is a block diagram of the access data flow;
FIG. 7 is a block diagram of the key delegation process.
Detailed Description
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings.
The distributed cross-domain authorization and access control method based on attribute-based cryptography provided by the invention is shown in FIG. 2 and comprises the following steps:
S1: System initialization: generate the system public parameters, the public/private key pairs of the service providers (SPs), the public/private key pairs of the attributes, and the public/private key pair of the identity federation provider (FIP);
Further, referring to FIG. 3, step S1 includes the following steps:
S11: Identity federation provider FIP initialization: input a security parameter and generate the system public parameters and the public/private key pair of the identity federation provider, comprising:
S111: input a security parameter λ;
S112: generate the system public parameters PP, which comprise two bilinear groups $G_1$ and $G_2$ of order p, where g is a generator of $G_1$, and a bilinear map $e: G_1 \times G_1 \to G_2$;
S113: generate the FIP public/private key pair $(sk_{FIP}, pk_{FIP})$;
S12: Service provider SPs initialization, including:
S121: each service provider SP receives the system public parameters $\{g, G_1, G_2, e(g, g)\}$ and the FIP public key $pk_{FIP}$ from the FIP;
S122: each service provider SP selects three random numbers $\alpha_k, \beta_k, \gamma_k \in Z_p$; the private key of the attribute tree is $\{\alpha_k, \beta_k, \gamma_k\}$, and the SP then generates a public key for the attribute tree. In addition, for the attribute tree it manages, the SP selects a random number $v_k \in Z_p$ and defines $h_{k,1}, h_{k,2}, \ldots, h_{k,L} \in G$, where L is the height of the attribute tree; $v_k, h_{k,1}, h_{k,2}, \ldots, h_{k,L}$ are all public.
S2: Data encryption: the data owner encrypts the data and stores the encrypted data on the service node;
Further, referring to FIG. 4, step S2 includes the following steps:
S21: the data owner receives the system public parameters $\{g, G_1, G_2, e(g, g)\}$ from the FIP and the attribute public keys from the SPs;
S22: for a message m to be encrypted, the data owner defines an access structure A for the data based on a global attribute set S, denoted (M, ρ, τ), where M is an access matrix of l rows and n columns, the function ρ(i) maps the i-th row of the matrix M to an attribute vector in S, and a function maps the attribute vector to the attribute tree τ;
S23: the data owner selects a random number s and a random array from $Z_p$, and lets s be the first element of the vector;
S25: select random numbers $r_i \in Z_p$, $i \in \{1, 2, \ldots, l\}$;
S26: encrypt the message m and output the ciphertext CT as
where $R_A$ represents the set of attributes in access structure A;
S27: the data owner stores the ciphertext CT on the SN.
S3: User registration and key generation: the user requests registration; the FIP allocates a global identifier (GID) to the user and distributes a signed attribute certificate and a global private key to the user; the SPs distribute the corresponding attribute private key to the user based on the user's attribute certificate. The attribute private key is divided into two parts: one part is sent to the user and the other to the service node;
Further, referring to FIG. 5, step S3 includes the following steps:
S31: a user requests to join the system and submits identity information to the identity federation provider (FIP) for registration;
S32: the FIP first authenticates the user;
S33: if the user is legitimate, the FIP allocates a GID to the user and selects a random number $u_{GID} \in Z_p$ as the user global private key $UGSK_{GID}$, then generates the user global public key. The FIP then uses its private key $sk_{FIP}$ to generate the certificate, where $AL_{GID}$ denotes the user's attribute list. The FIP sends $UGSK_{GID}$ and the certificate $Acert_{GID}$ to the user together. If the user is not legitimate, the FIP refuses to let the user join the system;
S34: when the user receives the certificate and the global private key sent by the FIP, the user sends the certificate to the relevant service providers SPs;
S35: after the SPs receive the certificate $Acert_{GID}$, they use the FIP public key $pk_{FIP}$ to verify the certificate $Acert_{GID}$;
S36: the SPs check whether the user's global identity GID belongs to the user revocation list (URL); if it does not, the SPs generate two shares of the attribute private key, $UASK_{GID,1}$ and $UASK_{GID,2}$, for the user based on the user's attribute list; if GID ∈ URL, the SPs terminate the operation;
S37: the SPs then generate the corresponding attribute private key for the user according to the user's attribute list $AL_{GID}$, as follows:
wherein S37 includes the following steps:
S4: accessing data: the user submits a data access request to the service node SN, if and only if the attribute set of the user meets the access structure in the ciphertext, the ciphertext is decrypted by the user and the service node in a combined manner, and the service node bears part of decryption calculation tasks, so that the burden of a terminal user is reduced;
further, referring to fig. 6, the step S4 includes the following steps:
s41: a user with a global identity GID sends a data access request to a service node SN and sends a certificate of the user to the service node SN;
s42: the service node SN verifies the certificate using the public key of the identity federation provider FIP and verifies whether the global identity GID of the user belongs to a User Revocation List (URL);
s44: service node SN retrieves user's attribute private key UASKGID;
S45: service node SN uses attribute private key UASK of userGID,1Decrypting the ciphertext and generating a decryption token DT;
wherein, S45 includes the following steps:
s451: : order toAnd I ═ I:ρ (I) ∈ RAIn which R isAAnd representing the attribute vector set corresponding to the access structure A. If according to the access matrix M, { λi}i∈IIs an efficient share of the encryption index s, then there is a recovery coefficient { wi∈Zp}i∈ICapable of reconstructing an encryption index ofFirst, the service node SN acquires the recovery coefficient wi∈Zp}i∈I;
S452: the SN then computes the decryption token DT:
S46: The service node SN sends the decryption token DT and the ciphertext to the user;
S47: Finally, the user uses the attribute private key UGSK_{GID,2} and the decryption token DT to decrypt the ciphertext. If the user's attributes satisfy the access structure in the ciphertext, the decryption succeeds and the end user obtains the data m = C_0/M'; if not, the decryption fails.
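The recovery-coefficient step of S451, worked as an added example that is not part of the patent text: it generates shares λ_i from an access matrix and then searches for coefficients w_i over the rows whose attributes the user holds, using the standard linear secret sharing relation that the w_i-weighted sum of the shares equals s. The prime P, the matrix M, the row labels RHO and the attribute names are constructed sample values; attributes are simplified to plain strings, and the arithmetic is on exponents only, with no pairing group.

```python
import secrets

P = 2**61 - 1  # constructed prime standing in for the group order p

# Constructed access structure: (doctor AND cardiology) OR (auditor AND finance)
# Row i of M is labelled by attribute RHO[i]; l = 4 rows, n = 3 columns.
M = [[1, 1, 0], [0, -1, 0], [1, 0, 1], [0, 0, -1]]
RHO = ["doctor", "cardiology", "auditor", "finance"]


def make_shares(M, s):
    """Data owner side: v = (s, y_2, ..., y_n), share lambda_i = M_i . v mod p."""
    v = [s] + [secrets.randbelow(P) for _ in range(len(M[0]) - 1)]
    return [sum(m * x for m, x in zip(row, v)) % P for row in M]


def recovery_coefficients(M, rho, attrs):
    """Find {w_i} with sum_i w_i * M_i = (1, 0, ..., 0) over rows the user holds.

    Returns {row index: w_i}, or None when the attributes do not satisfy A.
    """
    I = [i for i in range(len(M)) if rho[i] in attrs]
    n = len(M[0])
    # One equation per column j: sum_i w_i * M[i][j] = 1 if j == 0 else 0
    aug = [[M[i][j] % P for i in I] + [int(j == 0)] for j in range(n)]
    pivots, row = [], 0
    for col in range(len(I)):  # Gauss-Jordan elimination mod p
        pr = next((r for r in range(row, n) if aug[r][col]), None)
        if pr is None:
            continue  # free variable, left at 0
        aug[row], aug[pr] = aug[pr], aug[row]
        inv = pow(aug[row][col], -1, P)
        aug[row] = [x * inv % P for x in aug[row]]
        for r in range(n):
            if r != row and aug[r][col]:
                f = aug[r][col]
                aug[r] = [(x - f * y) % P for x, y in zip(aug[r], aug[row])]
        pivots.append(col)
        row += 1
    if any(aug[r][-1] for r in range(row, n)):
        return None  # target vector is outside the span of the held rows
    w = {i: 0 for i in I}
    for r, col in enumerate(pivots):
        w[I[col]] = aug[r][-1]
    return w


def reconstruct(shares, w):
    """sum_i w_i * lambda_i mod p, which equals s for a satisfying set."""
    return sum(wi * shares[i] for i, wi in w.items()) % P


if __name__ == "__main__":
    s = secrets.randbelow(P)
    shares = make_shares(M, s)
    for attrs in ({"doctor", "cardiology"}, {"doctor", "finance"}):
        w = recovery_coefficients(M, RHO, attrs)
        ok = w is not None and reconstruct(shares, w) == s
        print(sorted(attrs), "->", "s recovered" if ok else "no coefficients")
```

A non-satisfying attribute set yields no coefficients at all, which is why the service node cannot produce a usable decryption token for such a user.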
S5: user attribute key delegation: only in the case of cooperation between the user and the service node SN, i.e. under the control of the service node, the superior user can generate an attribute key for the subordinate user, enabling secure key delegation.
Further, referring to fig. 7, the step S5 includes the following steps:
S51: A lower-layer user with global identity GID' requests a delegated key from an upper-layer user with global identity GID;
S52: The upper-layer user with global identity GID randomly selects two random numbers u, t ∈ Z_p; the user GID then calculates UGSK_{(GID,2)} = {K'_{(x,2)}, K'_{(x,d+2)}, …, K'_{(x,L)}}, wherein
S54: The upper-layer user delegates the attribute key UASK_{GID',2} to user GID';
S55: The upper-layer user sends a key delegation request to the service node SN, together with a key token KT;
S56: The service node SN first checks whether the user is legitimate according to the key token KT sent by the user;
S57: If it is legitimate, the key delegation request is executed; if not, the key delegation request is rejected;
Finally, it is noted that the above preferred examples are only intended to illustrate the technical solutions of the present invention, and not to limit the same, and that various changes in form and details may be made therein by those skilled in the art according to the above technical solutions, but all such changes should be included in the scope of the claims of the present invention.
Claims (4)
1. A distributed cross-domain authorization and access control method based on attribute password is characterized in that: comprises the following steps
S1: initializing a system: generating a system public parameter, a public/private key pair of a service provider SPs, a public/private key pair of an attribute and a public/private key pair of an identity alliance provider FIP;
S2: Data encryption: the data owner encrypts the data and stores the encrypted data on the service node SN;
S3: User registration and key generation: the user requests registration; the identity alliance provider FIP allocates a global identity GID and distributes a signed attribute certificate and a global private key to the user; the service provider SPs distributes a corresponding attribute private key to the user based on the user's attribute certificate; the attribute private key is divided into two parts, one of which is sent to the user and the other to the service node;
S4: Accessing data: the user submits a data access request to the service node SN; if and only if the user's attribute set satisfies the access structure in the ciphertext, the ciphertext is decrypted jointly by the user and the service node, and the service node bears part of the decryption computation, which reduces the burden on the end user;
the step S4 includes the following steps:
S41: A user with global identity GID sends a data access request to the service node SN, together with the user's certificate;
S42: The service node SN uses the public key of the identity alliance provider FIP to verify the certificate and verifies whether the global identity GID of the user belongs to the user revocation list URL;
S44: The service node SN retrieves the user's attribute private key UASK_{GID,1};
S45: The service node SN uses the user's attribute private key to pre-decrypt the ciphertext and generates a decryption token DT;
wherein S45 includes the following steps:
S451: Let and I = {i : ρ(i) ∈ R_A}, where i denotes the i-th row of the matrix M, ρ(i) denotes the attribute corresponding to the i-th row, and R_A denotes the attribute vector set corresponding to the access structure A. If, according to the access matrix M, {λ_i}_{i∈I} is a valid share of the encryption exponent s, then there exist recovery coefficients {w_i ∈ Z_p}_{i∈I} that can reconstruct the encryption exponent as . First, the service node SN obtains the recovery coefficients {w_i ∈ Z_p}_{i∈I};
S452: The service node SN then calculates a decryption token DT;
S46: The service node SN sends the decryption token DT to the user;
S47: Finally, the user decrypts the ciphertext using the attribute private key UASK_{GID,2} and the decryption token DT; if the user's attributes satisfy the access structure in the ciphertext, the user successfully decrypts; if not, the decryption fails;
s5: user attribute key delegation: only under the cooperation of the user and the service node SN, namely under the control of the service node, the superior user can generate an attribute key for the subordinate user, so that safe key delegation is realized;
the step S5 includes the following steps:
S51: A lower-layer user with global identity GID' requests a delegated key from an upper-layer user with global identity GID;
S52: The upper-layer user with global identity GID calculates UASK_{GID',2};
S53: The upper-layer user calculates a key token KT;
S54: The upper-layer user delegates the attribute key UASK_{GID',2} to the lower-layer user;
S55: The upper-layer user sends a key delegation request to the service node SN, together with the key token KT;
S56: The service node SN first checks whether the user is legitimate according to the key token KT sent by the user;
S57: If it is legitimate, the key delegation request is executed; if not, the key delegation request is rejected;
S58: The service node SN generates the corresponding attribute key UASK_{GID',2} and stores it on the service node SN.
2. The distributed cross-domain authorization and access control method based on the attribute password as claimed in claim 1, wherein: the step S1 includes the following steps:
S11: Identity federation provider FIP initialization: inputting security parameters to generate public parameters of the system and public/private key pairs of identity alliance suppliers;
S12: Service provider SPs initialization, including:
S121: Each service provider SP receives the system public parameters and the public key of the FIP from the identity federation provider FIP;
S122: Each service provider SP defines attributes, builds an attribute tree and generates public/private key pairs for the attributes it manages.
3. The distributed cross-domain authorization and access control method based on the attribute password as claimed in claim 1, wherein: the step S2 includes the following steps:
S21: The data owner receives the system public parameters and the public keys of the attributes from the identity alliance provider FIP and the service providers, respectively;
S22: For a message m to be encrypted, the data owner defines an access structure A for the data, denoted (M, ρ, τ), based on a global attribute set S, where M is an access matrix of l rows and n columns, the function ρ(i) maps the i-th row of the matrix M to an attribute vector in S, and the function represents the mapping of the attribute vector to the attribute tree τ;
S23: The data owner selects from the integers Z_p a random number s and a random array, and lets s be the first element of the vector;
S25: Selecting a random number r_i ∈ Z_p, i ∈ {1, 2, ..., l};
S26: Encrypting the message m and outputting a ciphertext CT;
S27: The data owner uploads the ciphertext CT to the service node.
4. The distributed cross-domain authorization and access control method based on the attribute password as claimed in claim 1, wherein: the step S3 includes the following steps:
S31: A user requests to join the system and submits identity information to the identity alliance provider FIP for registration;
S32: The FIP first authenticates the user;
S33: If the user is legitimate, the FIP assigns a global identity GID to the user and distributes a certificate and a global private key to the user, wherein the certificate comprises the global identity GID of the user, the attribute list of the user and the global public key of the user; the identity alliance provider FIP signs the certificate with its private key and sends the certificate and the private key to the user in a secure manner; if the user is not legitimate, the user is refused entry to the system;
S34: When the user receives the certificate and the global private key sent by the identity alliance provider FIP, the user sends the certificate to the related service provider SPs;
S35: After receiving the user certificate, the service provider SPs verifies the certificate using the public key of the identity alliance provider FIP;
S36: The service provider SPs verifies whether the global identity GID of the user belongs to the user revocation list URL; if it does not, the service provider SPs generates two shares of the attribute private key for the user, UASK_{GID,1} and UASK_{GID,2}, based on the user's attribute list; if GID ∈ URL, the service provider SPs terminate the operation;
S37: The service provider SPs sends the user's attribute private keys UASK_{GID,1} and UASK_{GID,2} to the service node SN and the user, respectively.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711260376.6A CN108418784B (en) | 2017-12-04 | 2017-12-04 | Distributed cross-domain authorization and access control method based on attribute password |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108418784A CN108418784A (en) | 2018-08-17 |
CN108418784B true CN108418784B (en) | 2020-09-25 |
Family
ID=63125384
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711260376.6A Active CN108418784B (en) | 2017-12-04 | 2017-12-04 | Distributed cross-domain authorization and access control method based on attribute password |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108418784B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
GR01 | Patent grant | |
TR01 | Transfer of patent right | Effective date of registration: 20240326; Address after: Room 801, 85 Kefeng Road, Huangpu District, Guangzhou City, Guangdong Province; Patentee after: Guangzhou Dayu Chuangfu Technology Co.,Ltd.; Country or region after: China; Address before: 400065 Chongqing Nan'an District huangjuezhen pass Chongwen Road No. 2; Patentee before: CHONGQING University OF POSTS AND TELECOMMUNICATIONS; Country or region before: China |