Research On 5G Network Oriented Secure Data Access Control Algorithms

The fifth generation(5G)communication technology has been developing rapidly in recent years.In 5G network,the application of device to device(D2D)communication alleviates the communication pressure of 5G base stations and improves the spectrum capacity of communication system.The development of Io T promotes the application of 5G network.However,there are some security problems in D2 D communication and Io T communication.In the 5G network D2 D communication,it is difficult to guarantee the data cofidentialily and achieve fine-grained access control.Although Attribute based encryption(ABE)algorithm can be adopted to ensure the confidentiality of D2 D communication and achieve fine-grained access control,the current ABE algorithms in D2 D communication cannot realize dynamic user management,cannot resist network collusion attack,and cannot realize secure attribute revocation.Also,in the current 5G Io T environment,the data confidentiality is difficult to be guaranteed,the effective supervision of Io T devices cannot be realized,the computation overhead of Io T devices is too large,network collusion attack cannot be resisted and secure attribute revocation cannot be realized.In order to solve the above theoretical and technical security problems in 5G network,we do the research on 5G network oriented secure data access control algorithms.By applying attribute based encryption,the data confidentiality of D2 D communication and Io T communication,secure attribute revocation and collusion attack resistance are guaranteed.Also,we combine cloud computing environment and fog computing environment together to improve the computing ability of Io T system and the supervision of Io T devices.The main contributions of this thesis are as follows.Firstly,we propose a novel dynamic anti-collusion ciphertext policy attribute based encryption(NDA-CP-ABE)scheme for 5G D2 D environment.The NDA-CP-ABE scheme can realize secure data sharing in 5G D2 D environment.We construct a 5G D2 D communication system and use CP-ABE algorithm to protect the data confidentiality.Only if user with sufficient attributes meets the access policy defined by data owner,can the user decrypt ciphertext.Our NDA-CP-ABE scheme can achieve secure attribute revocation in 5G D2 D environment.When the attribute of the device is revoked,the algorithm only needs to update the attribute keys of other related user devices to control the access rights.The revoked user devices can no longer decrypt the ciphertext.We also achieve dynamic and efficient user management.We use polynomial algorithm to encrypt the data.When a user device loses the access to data,the algorithm can dynamically remove it from the system without updating the relevant attribute keys of other user devices.When a new user device obtains access to the system,the algorithm can assign the new user device access permission to the ciphertext without updating the relevant attribute keys of the existing user device.Finally,our scheme can resist collusion attacks among legitimate users,revoked users and external network attackers in5 G D2D environment.Secondly,we propose an encryption scheme(SID-ABE)for Io T device supervision in cloud computing environment and fog computing environment.We combine cloud computing environment and fog computing environment to realize secure data sharing in 5G cloud computing and fog computing environment.In our SID-ABE scheme,we let the fog nodes undertake most of the computing operations which reduce the computing overhead of Io T devices.The SID-ABE scheme adopts ABE algorithm to protect the data confidentiality and realize attribute revocation of fog nodes and users.In addition,our SID-ABE scheme can realize the supervision of Io T devices by fog nodes.The data sent or received by Io T devices are encrypted with the lightweight symmetric key shared between the fog node and Io T devices.The fog nodes are responsible to check whether the data received or sent by Io T devices are secure.Finally,our SID-ABE scheme can resist collusion attacks among users,fog nodes and external network attackers.Finally,in order to solve the limitation of attribute management for single attribute authority in 5G network,we adopt the multi-authority management to solve the problem in Io T confidentiality,Io T supervision,secure attribute revocation and Io T device computation overhead.We propose a multi-authority attribute based encryption algorithm with Io T device supervision in cloud and fog environment(MA-SID-ABE).Based on the cloud and fog environment,the MA-SID-ABE scheme improves the management ability and uses multiauthority on the basis of single authority scheme.The MA-SID-ABE scheme also realizes the revocation of Io T deviecs and users.This scheme realizes the supervision of Io T equipment,especially the Io T equipment under different attribute authorities of different regions.In addition,in our MA-SID-ABE scheme,fog nodes undertake the encryption and decryption task of ABE algorithm,and greatly reduce the computation overhead of Io T devices.Finally,our MA-SID-ABE scheme can resist collusion attacks among users,fog nodes and external network attackers.