计算机技术与发展 (Computer Technology and Development), 2024, Vol. 34, Issue 1: 91-98. DOI: 10.3969/j.issn.1673-629X.2024.01.014

Assured Data Deletion with Multi-authority Attribute-based Encryption for Cloud Data

江艳惠¹, 胡学先², 陈越², 郝增航²

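Author information

  • 1. School of Cyberspace Security, Zhengzhou University, Zhengzhou 450002, Henan, China; PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, Henan, China
  • 2. PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, Henan, China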

Abstract

Cloud storage services are increasingly common, but keeping large amounts of data on third-party cloud servers, while convenient for users, also raises higher security requirements. Because the cloud storage service is semi-trusted, how to assuredly delete cloud storage data becomes a problem that needs to be solved. At present, most research on assured deletion of cloud storage data is based on attribute-based encryption in which a single authority manages the attributes. Although such schemes provide fine-grained access control over cloud data, they are prone to problems such as a single point of failure. Therefore, we propose an assured deletion scheme for cloud storage data based on multi-authority attribute-based encryption. Applying multi-authority attribute-based encryption in this scheme not only supports secure deletion of cloud storage data when multiple authorities manage the attributes, but also realizes fine-grained access to cloud data. In addition, the scheme uses policy hiding to protect the privacy of access policies stored on the cloud server. Finally, cloud data deletion is realized by revoking attributes to change the ciphertext, and a deletion proof stored on the blockchain makes the deletion result publicly verifiable and responsibility traceable. Experimental simulation and comparative analysis show that the proposed scheme offers high security for cloud storage data deletion and provides a practical scheme for deleting cloud storage data.

Key words

cloud storage / assured deletion / multi-authority attribute-based encryption / blockchain / policy hiding

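Funding

National Natural Science Foundation of China (62172433)

Publication year

2024

计算机技术与发展 (Computer Technology and Development)
Shaanxi Computer Society

CSTPCD
Impact factor: 0.621
ISSN: 1673-629X
Number of references: 4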