• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>IEEE International Conference on Cloud Computing Technology and Science >On the Insecurity of a Method for Providing Secure and Private Fine-Grained Access to Outsourced Data
【24h】

On the Insecurity of a Method for Providing Secure and Private Fine-Grained Access to Outsourced Data

机译:关于提供对私有数据的安全和私有细粒度访问的方法的不安全性

获取原文
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

The protection of sensitive data stored in the cloud is paramount. Among the techniques proposed to provide protection, attribute-based access control, which frequently uses ciphertext-policy attribute-based encryption (CPABE), has received a lot of attention in the last years. Recently, Jahan et al.~(IEEE 40th Conference on Local Computer Networks, 2015) propose a scheme based on CPABE where users have reading and writing access to the outsourced data. We analyze the scheme by Jahan et al. and we show that it has several security vulnerabilities. For instance, the cloud server can get information about encrypted messages by using a stored ciphertext and an update of that ciphertext. As another example, users with writing access are able to decrypt all the messages regardless of their attributes. We discuss the security claims made by Jahan et al. and point out the reasons why they do not hold. We also explain that existing schemes can already provide the advantages claimed by Jahan et al.
机译:保护存储在云中的敏感数据至关重要。在提出的用于提供保护的技术中,基于属性的访问控制(通常使用基于密文策略的基于属性的加密(CPABE))在最近几年受到了广泛的关注。最近,Jahan等人(IEEE第40届本地计算机网络会议,2015年)提出了一种基于CPABE的方案,用户可以对外包数据进行读写访问。我们分析了Jahan等人的方案。并且我们证明它具有几个安全漏洞。例如,云服务器可以通过使用存储的密文和该密文的更新来获取有关加密消息的信息。作为另一个示例,具有写访问权的用户无论其属性如何都能够解密所有消息。我们讨论了Jahan等人提出的安全性要求。并指出它们不成立的原因。我们还解释说,现有方案已经可以提供Jahan等人声称的优势。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号