簡易檢索 / 詳目顯示
| 研究生: |
郭韋逸 Kuo, Wei-Yi |
|---|---|
| 論文名稱: |
3LSAA:一種基於零知識在不受信任的環境下保證安全且保護隱私的數據共享方法 3LSAA: A Secure And Privacy-preserving Zero-knowledge-based Data-sharing Approach Under An Untrusted Environment |
| 指導教授: |
蔡仁松
Tsay, Ren-Song |
| 口試委員: |
黃之浩
Huang, Chih-Hao 蘇培陞 Su, Pei-sheng |
| 學位類別: |
碩士 Master |
| 系所名稱: |
電機資訊學院 - 電機工程學系 Department of Electrical Engineering |
| 論文出版年: | 2021 |
| 畢業學年度: | 109 |
| 語文別: | 英文 |
| 論文頁數: | 26 |
| 中文關鍵詞: | 加密搜尋 、基於屬性加密 、資料分享 、本地密鑰回復 |
| 外文關鍵詞: | Searchable encryption, Attribute-based encryption, Data-sharing, Local Key Recovery |
| 相關次數: | 點閱:1 下載:0 |
| 分享至: |
| 查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報 |
收集和分析所有者的資料成為許多雲服務的關鍵業務,因此和同意授權的資料所有者進行適當的資料共享成為必然的趨勢。然而,傳統的通過中心化資料託管伺服器的資料共享方法可能會犧牲所有者的資料隱私且資料安全性較弱。主要是託管中心實際將所有資料存在自己的伺服器上,而原始資料的所有者只剩下虛擬的資料所有權,失去了對資料確實訪問控制權。因此,基於伺服器「誠實但好奇」的不可信假設,我們提出了一種基於3層 SSE-ABE-AES (3LSAA) 密碼學的隱私保護資料共享協議。即使託管中心不可信,3LSAA協議讓所有者實現了對託管中心資料自動訪問控制管理和方便的文件搜索。除了實現資料自主權外,我們的方法還提高了系統可用性,消除了傳統SSE和ABE方法的缺陷,並為用戶的可用性提供了本地AES密鑰恢復方法。
As data collection and analysis become critical functions for many cloud applications, proper data sharing with approved parties is required. However, the traditional data sharing scheme through centralized data escrow servers may sacrifice owners' privacy and is weak in security. Mainly, the servers physically own all data while the original data owners have only virtual ownership and lose actual access control. Therefore, we propose a 3-layer SSE-ABE-AES (3LSAA) cryptography-based privacy-protected data-sharing protocol based on the assumption that servers are honest-but-curious. The 3LSAA protocol realizes automatic access control management and convenient file search even if the server is not trustable. Besides achieving data self-sovereignty, our approach also improves system usability, eliminates the defects in the traditional SSE and ABE approaches, and provides a local AES key recovery method for user’s availability.
[1] Popa, Raluca A., and Nickolai Zeldovich. "Multi-Key Searchable Encryption." IACR Cryptology ePrint Archive 2013 (2013): 508.
[2] Cui, Baojiang, Zheli Liu, and Lingyu Wang. "Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage." IEEE Transactions on computers 65.8 (2015): 2374-2385.
[3] Bethencourt, John, Amit Sahai, and Brent Waters. "Ciphertext-policy attribute-based encryption." 2007 IEEE symposium on security and privacy (SP'07). IEEE, 2007.
[4] Lewko, Allison, and Brent Waters. "Decentralizing attribute-based encryption." Annual international conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg, 2011.
[5] Liu, Zheli, et al. "Verifiable searchable encryption with aggregate keys for data sharing system." Future Generation Computer Systems 78 (2018): 778-788.
[6] Liu, Jiming, et al. "DMU-ABSE: Dynamic Multi-user Attribute-Based Searchable Encryption with File Deletion and User Revocation." International Symposium on Security and Privacy in Social Networks and Big Data. Springer, Singapore, 2019.
[7] Zhang, Yinghui, et al. "Anonymous attribute-based proxy re-encryption for access control in cloud computing." Security and Communication Networks 9.14 (2016): 2397-2411.
[8] Xu, Zhiqian, and Keith M. Martin. "Dynamic user revocation and key refreshing for attribute-based encryption in cloud storage." 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, 2012.
[9] Joshi, Nikunj, and Bintu Kadhiwala. "Big data security and privacy issues—A survey." 2017 Innovations in Power and Advanced Computing Technologies (i-PACT). IEEE, 2017.
[10] Sebastian, Libina Rose, Sheeba Babu, and Jubilant J. Kizhakkethottam. "Challenges with big data mining: A review." 2015 International Conference on Soft-Computing and Networks Security (ICSNS). IEEE, 2015.
[11] Yin, Hui, et al. "A query privacy-enhanced and secure search scheme over encrypted data in cloud computing." Journal of Computer and System Sciences 90 (2017): 14-27.
[12] Ren, Kui, Cong Wang, and Qian Wang. "Security challenges for the public cloud." IEEE Internet computing 16.1 (2012): 69-73.
[13] Liang, Fan, et al. "A survey on big data market: Pricing, trading and protection." IEEE Access 6 (2018): 15132-15154.
[14] Tchernykh, Andrei, et al. "Towards understanding uncertainty in cloud computing with risks of confidentiality, integrity, and availability." Journal of Computational Science 36 (2019): 100581.
[15] Yin, Hui, et al. "CP-ABSE: A ciphertext-policy attribute-based searchable encryption scheme." IEEE Access 7 (2019): 5682-5694.
[16] Boneh, Dan, and Xavier Boyen. "Efficient selective-ID secure identity-based encryption without random oracles." International conference on the theory and applications of cryptographic techniques. Springer, Berlin, Heidelberg, 2004.
[17] Nweke, Livinus Obiora. "Using the CIA and AAA Models to explain Cybersecurity Activities." PM World Journal 6 (2017).
[18] Chung, Pei-Shan, Chi-Wei Liu, and Min-Shiang Hwang. "A Study of Attribute-based Proxy Re- encryption Scheme in Cloud Environments." Int. J. Netw. Secur. 16.1 (2014): 1-13.
[19] “Computational hardness assumption” https://www.wikiwand.com/en/Computational_hardness_assumption
[20] Sun, Wenhai, et al. "Protecting your right: Attribute-based keyword search with fine-grained owner- enforced search authorization in the cloud." IEEE INFOCOM 2014-IEEE Conference on Computer Communications. IEEE, 2014.