| With the rapid development of the Internet today,the demand for data downloading and sharing has grown tremendously.However,there are concerns about data security and privacy leakage behind the growth.Especially in recent years,network fraud and privacy leakage have been common,and data security and privacy leakage have become problems that need to be solved urgently.In addition,the rapid development of cloud storage technology has become the mainstream storage platform in today's society.Unfortunately,the cloud server is an untrusted service provider,which also has the risk of privacy leakage and data falsification.Authentication technology based on attribute encryption has become a hot research topic for its protection of user's privacy,legal identity and data security.But as the number of attributes in the system continues to increase,the computational burden of the traditional single-center encryption system will also become heavier.At the same time,there are also problems such as excessive single-center power,abuse of power by key escrow agents,and disclosure of escrow keys.This thesis focuses on these issues,and makes the contributions as follows:Firstly,a multi-authority access control scheme for dual anonymous authentication in personal health records is constructed.Personal health records serve doctors and patients,and contain patients' private information.Aiming at the potential leakage of personal privacy and the tampering of medical data,a multi-authority access control solution that can achieve dual anonymous authentication is proposed.In this solution,a multi-authority attribute-based encryption is used to encrypt personal health records and the encrypted personal health records are uploaded to the cloud.The multi-center system solves the problem of excessive power and burden of a single center,abuse of power by key escrow agents,and leakage of escrow keys and other issues.In view of the privacy leakage problem that may occur during the interaction between the cloud server and the user,a double anonymous authentication protocol has been added to the interaction between the cloud server and the user.This protocol not only ensures the integrity and unforgeability of the ciphertext,but also verifies the legitimacy of the user's identity under the premise of hiding the user's identity information.The security of the scheme is proved under the PBDHEq-assumption and the CDHEq-assumption.In order to improve the efficiency of the algorithm,the scheme uses offline-online technology and outsourced decryption technology.Efficiency analysis shows that this scheme has obvious advantages in encryption and decryption over existing schemes.Secondly,a decentralized access control scheme for data security sharing in the smart grid is constructed.In view of the high computational pressure of authorities,the risk of leakage of user's privacy,and low computational efficiency in the smart grid,attribute-based access control is introduced into the data sharing and exchange system of smart grid to construct a decentralized access control scheme.This solution solves the problem that the single center has excessive computing pressure and excessive power in the existing solutions.At the same time,the attribute-based signcryption technology is used to solve the confidentiality and unforgeability of user's data.In addition,the solution supports large attribute sets and user efficient cancellation function and uses outsourcing signcryption and outsourcing unsigncryption to reduce computational burden.The security of the solution is based on the PBDHEq-assumption and the CDHEq-assumption.Security analysis and performance analysis show that this scheme has significantly improved security and efficiency compared with existing schemes. |
PDF Full Text Request