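Data Access Control and Privacy Protection Technology in the Cloud Environment
Abstract
With the rapid development of cloud computing, data storage and sharing are steadily migrating to the cloud, and achieving fine-grained data access control and privacy protection in an open environment has become a key problem in urgent need of a solution. To address the data security challenges of the cloud environment, this study proposes a new access control scheme based on attribute-based encryption and blockchain technology. First, the scheme constructs a multi-authority attribute-based encryption framework, introducing a distributed key generation mechanism that effectively resolves the trust bottleneck of the traditional single-authority design. Second, it designs a smart-contract-based access policy management model that uses the immutability of the blockchain to store and verify access policies transparently. Finally, it proposes a ciphertext re-encryption algorithm that supports dynamic updates, improving the flexibility of the system while preserving data confidentiality. Experimental results show that the proposed scheme outperforms existing methods in security, efficiency and scalability, and effectively resists security threats such as collusion attacks and man-in-the-middle attacks.
Keywords: attribute-based encryption; blockchain; access control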
DATA ACCESS CONTROL AND PRIVACY PROTECTION TECHNOLOGY IN THE CLOUD ENVIRONMENT
ABSTRACT
With the rapid development of cloud computing technology, data storage and sharing are gradually migrating to the cloud. How to achieve fine-grained data access control and privacy protection in an open environment has become a key problem to be solved. Aiming at the challenges of data security in the cloud environment, this study proposes a new access control scheme based on attribute-based encryption and blockchain technology. Firstly, it constructs a multi-authority attribute-based encryption framework and effectively solves the trust bottleneck of the traditional single authorization center by introducing a distributed key generation mechanism; secondly, it designs an access policy management model based on smart contracts and realizes the transparent storage and verification of access policies; finally, it proposes a ciphertext re-encryption algorithm that supports dynamic updates, which ensures the confidentiality of data and improves the flexibility of the system. The experimental results show that the proposed scheme is better than existing methods in terms of security, efficiency and scalability, and can effectively resist security threats such as collusion attacks and man-in-the-middle attacks.
KEY WORDS: Attribute-based encryption; blockchain; access control
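Contents
Abstract
ABSTRACT
Chapter 1 Introduction
1.1 Research Background and Significance
1.2 Analysis of the Current State of Research
Chapter 2 Data Access Control Mechanisms in the Cloud Environment
2.1 Attribute-Based Access Control Model
2.2 Dynamic Access Control Policies
2.3 Access Control Optimization in Multi-Tenant Environments
Chapter 3 Key Technologies for Cloud Data Privacy Protection
3.1 Application of Homomorphic Encryption in Cloud Storage
3.2 Differential Privacy Protection Mechanisms
3.3 Analysis of Data Masking and Anonymization Techniques
Chapter 4 Building a Security Protection System for the Cloud Environment
4.1 Design of a Multi-Layer Security Protection Architecture
4.2 Real-Time Monitoring and Anomaly Detection Mechanisms
4.3 Security Assessment and Risk Early-Warning System
Chapter 5 Conclusion
References
Acknowledgements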