| The erosion of trust put in traditional database servers and in Database Service Providers and the growing interest for different forms of selective data dissemination are different factors that lead to move the access control from servers to clients.Different data encryption and key dissemination schemes have been proposed to serve this purpose.Based on the symmetric encryption and a public-key encryption based on elliptic curves,a hybrid encryption scheme was proposed in paper[5]to make the database field security classification possible and practical.In his constructions,the sensitive data-items of database are divided into multilevel security in accordance with their security demand,and the sensitive data at each level is encrypted by the symmetric encryption algorithm,then these different symmetric encryption keys are protected by the public-key encryption.Thus,allowing different privileges are exercised by different users on the same encrypted content.However,the server has to store two values(C1(i),C2(i)) for every user Ui in order to derive the symmetric encryption keys for Ui's authorization data-items.In this thesis,a new database hybrid encryption scheme comprising of both identity authentication and encryption technology is presented.Our constructions derive from a novel application of paper[5]'s scheme,and can significantly decrease the space cost by using the following strategy.In order to make every user Ui to derive the symmetric encryption keys for his/her authorization data-items,the server only stores the value C2(i).Moreover,an identity authentication protocol concerned with verifying proof of an asserted identity is designed,whose security is based on solving the elliptic curve discrete logarithm problem. |
PDF Full Text Request