中国邮电高校学报(英文) ›› 2021, Vol. 28 ›› Issue (5): 18-26.doi: 10.19682/j.cnki.1005-8885.2021.0028

所属专题: Special issue on Blockchain Technology and Applications

• Blockchain • 上一篇    下一篇

Trusted data access and authorization protocol

宋文鹏1,李鸣2,3,刘百祥1   

  1. 1. 复旦大学
    2. 上海市智能信息处理重点实验室 复旦大学计算机科学技术学院
    3. 中国电子技术标准化研究院
  • 收稿日期:2021-06-21 修回日期:2021-09-16 出版日期:2021-10-31 发布日期:2021-10-29
  • 通讯作者: 李鸣 E-mail:13701388822@139.com

Trusted data access and authorization protocol

  • Received:2021-06-21 Revised:2021-09-16 Online:2021-10-31 Published:2021-10-29
  • Contact: Ming Li E-mail:13701388822@139.com

摘要:

Threshold proxy re-encryption( PRE) authorizes the data access right of data subject to multiple proxies, who authorize the right again to delegatee to accomplish the end-to-end data encryption process from storage to authorization. Based on threshold PRE algorithm, in order to build a complete trusted data storage and authorization system, the four protocols, which are data access protocol, authorization proxy protocol, authorization proxy cancellation protocol and data reading authorization protocol, are defined completely. On that basis, an efficient data searching method is constructed by specifying the data delegatee. At last, to ensure the right to know of data, the audit log is processed with trusted data right confirmation based on distributed ledger technology. Meanwhile, a parallel data right confirmation processing method is defined based on hierarchical derivation algorithm of public and private key. In the end, the performance evaluation analysis of the protocol are given. Trusted data access and authorization protocol is convenient to build a complete data processing system on the premise of protecting data privacy based on public cloud storage system or distributed storage system.

关键词:

proxy re-encryption ( PRE), data privacy, distributed ledger technology, blockchain




Abstract:

Threshold proxy re-encryption( PRE) authorizes the data access right of data subject to multiple proxies, who authorize the right again to delegatee to accomplish the end-to-end data encryption process from storage to authorization. Based on threshold PRE algorithm, in order to build a complete trusted data storage and authorization system, the four protocols, which are data access protocol, authorization proxy protocol, authorization proxy cancellation protocol and data reading authorization protocol, are defined completely. On that basis, an efficient data searching method is constructed by specifying the data delegatee. At last, to ensure the right to know of data, the audit log is processed with trusted data right confirmation based on distributed ledger technology. Meanwhile, a parallel data right confirmation processing method is defined based on hierarchical derivation algorithm of public and private key. In the end, the performance evaluation analysis of the protocol are given. Trusted data access and authorization protocol is convenient to build a complete data processing system on the premise of protecting data privacy based on public cloud storage system or distributed storage system.

Key words:

proxy re-encryption ( PRE), data privacy, distributed ledger technology, blockchain