| With the rapid development of the times,the fifth generation of mobile communication technology has gradually come into commercial use,and the use of the IoT has been continuously brought into reality.More and more data needs to be processed at various stages in production.The pure cloud computing model can not meet the current information business needs.In the past few years,fog computing has developed from conception to gradual improvement,and today it has become a mature edge computing model.Unlike cloud computing,which is far from the end user in the network,the fog computing platform is more close to the edge devices of the end user.Therefore,compared with cloud computing,the fog computing network has lower latency and more suitable for the application with high real-time requirements.Although it can make up for some shortcomings of the cloud computing,the fog computing also have many problems in practical use.For example,a valid user take control of data resources in an open fog environment is one of the difficulties.In the access period,how to expand the access structure without restriction,and at the same time ensure the integrity of the original data is not destroyed,to achieve the purpose of expanding data sharing effectively;In the stage of formulating the access structure,how to completely hide the access structure to achieve a higher privacy protection for the data and users is the crucial problem that needs to be resolved in the access control in the fog computingBecause of the above problems faced by secure access control technology in the fog computing,the main tasks of this paper will be divided into two partsFirstly,in order to provide users with more timely and flexible access control options when expanding the access structure,this paper proposes an expandable access control scheme for fog computing.This scheme uses Linear Secret Sharing Schemes(LSSS)as the access structure to implement attribute-based access control.It uses fog nodes as edge service nodes,and the decryption and extension operations in access control are reasonably allocated to reduce the computation costs of the end user in the access control.The access structure is extensible,it can add new legal members to form a new access structure on the basis of maintaining the original access structure.At the same time,it can also detect whether the original data has been tampered by the visiting user when uploading the new access structure,and also achieve the integrity protection of the original data.The analysis of the scheme process and experimental data prove that this scheme can effectively reduce the end user's computing overhead,and at the same time achieve the expansion of the access control structure and data integrity detection in the fog computingSecondly,in terms of hidden access structure,in order to better realize the protection of data security and user's privacy,this paper proposes an access control hiding scheme for fog computing This solution introduces a cuckoo filter algorithm in the fog node to hide the mapping function in the access structure.The fog node is taken as the edge service node,and store the hidden access structure in it.During the decryption process,it confirmed whether the user's attribute exists in the access structure.The access structure is concealable,which can completely hide the access structure,avoid the leakage of data and user's privacy in the system.What's more,the low latency of the fog node can be used to reduce unnecessary time loss during the user's communication.The analysis of the scheme process and experimental data prove that this scheme can completely hide the access structure in the fog computing and quickly detect the user's attributes. |
PDF Full Text Request