| In outsourced databases model, the third-party server may not be completely trusted. One of the challenges that the outsourced database faces is its security issue. Data security and data privacy are protected in the access control mechanism of outsourced database. Therefore, access control techniques in outsourced databases have very broad application prospects and research significance.With respect to access control techniques in outsourced databases, this paper has done the following works.Firstly, we introduced Liu et al's scheme base on a key-assignment approach by using linear equation in two unknowns, Liu et al's scheme is analyzed and a security flaw is pointed out,that is, authorized users can easy authorized other non-authorized user to access to resource. With analyze Liu et al's scheme, we present a novel solution to the enforcement of access control and the management of its evolution. To adapt to access policy changes taking over-encryption for the outsourced databases, an improved scheme that can derive the encryption key by using linear equation in two unknowns is proposed. An authentication strategy that can effectively improve the efficiency of accessing to different resources is proposed. Security analysis and experimental analysis show that our approach is not only to overcome the flaws of the original program but also to adapt to dynamic changes. Our approach that can easily and efficiently add new users and revoke users is safe and effective.In the windows operating system, an access control model system of outsourced database base on B/S structure is implemented in using of Java and C++. Experimental analysis shows that our approach is a safe and efficient access control scheme. |
PDF Full Text Request