一种全生命周期可控的公共数据共享方案
A Lifecycle-Manageable Public Data Sharing Scheme
吕秋云 1周凌飞 2任一支 2周士飞 3盛春杰3
作者信息
- 1. 杭州电子科技大学网络空间安全学院,杭州 310018;杭州电子科技大学平湖数字技术创新研究院,平湖 314299
- 2. 杭州电子科技大学网络空间安全学院,杭州 310018
- 3. 浙江省嘉兴市平湖市数据局,平湖 314200
- 折叠
摘要
公共数据作为数据要素将极大赋能政府公共服务和社会治理,然而,频繁爆发的数据泄露事件严重阻碍了公共数据共享的进程.虽然现有的属性基加密方案能够实现公共数据的安全访问,但存在授权管理低效、共享后难以管控等问题,不适合现有的公共数据共享模式.为此,文章提出了一种全生命周期可控的公共数据共享方案.该方案设计了一种数据胶囊封装方法,将共享的公共数据与访问授权策略进行深度绑定,并构建了共享数据多方参与的分层授权、全生命周期感知的访问管控方式.安全性分析以及实验仿真表明,该方案实现了公共数据共享的全生命周期可控,开销较小,符合现实需求.
Abstract
Public data as a data element can significantly empower government public services and social governance.However,frequent data breaches severely hinder the progress of public data sharing.Existing attribute-based encryption schemes,while enabling secure access to public data,suffer from inefficiencies in authorization management and difficulties in control after sharing,making them unsuitable for current public data sharing models.Therefore,this paper proposed a public data sharing scheme that was controllable throughout the entire lifecycle.The scheme began with a data capsule encapsulation method that deeply bound shared public data with access authorization policies;it then constructed a multi-party,layered authorization and lifecycle-aware access control method for the shared data.Security and experimental simulation analyses demonstrate that the scheme achieves controllable public data sharing throughout its entire lifecycle,with minimal overhead and meeting practical needs.
关键词
数据胶囊/数据共享/访问控制/区块链Key words
data capsule/data sharing/access control/blockchain引用本文复制引用
出版年
2024
NETL
NSTL
万方数据