高级检索
    马骏, 郭渊博, 马建峰, 张琦. 一种基于时间约束的分层访问控制方案[J]. 计算机研究与发展, 2017, 54(2): 328-337. DOI: 10.7544/issn1000-1239.2017.20150925
    引用本文: 马骏, 郭渊博, 马建峰, 张琦. 一种基于时间约束的分层访问控制方案[J]. 计算机研究与发展, 2017, 54(2): 328-337. DOI: 10.7544/issn1000-1239.2017.20150925
    Ma Jun, Guo Yuanbo, Ma Jianfeng, Zhang Qi. A Time-Bound Hierarchical Access Control Scheme for Ubiquitous Sensing Network[J]. Journal of Computer Research and Development, 2017, 54(2): 328-337. DOI: 10.7544/issn1000-1239.2017.20150925
    Citation: Ma Jun, Guo Yuanbo, Ma Jianfeng, Zhang Qi. A Time-Bound Hierarchical Access Control Scheme for Ubiquitous Sensing Network[J]. Journal of Computer Research and Development, 2017, 54(2): 328-337. DOI: 10.7544/issn1000-1239.2017.20150925

    一种基于时间约束的分层访问控制方案

    A Time-Bound Hierarchical Access Control Scheme for Ubiquitous Sensing Network

    • 摘要: 提出一种时间约束条件下的分层访问控制方案.根据用户对感知节点资源的访问控制需求,充分考虑感知节点计算、存储能力受限且节点数海量的特点,从用户掌握密钥数、密钥获取时间和产生公共信息数3方面进行优化设计,以实现高效、安全的分层访问控制. 与现有其他方案对比,该方案的优势在于:1)用户对大量感知节点资源进行的一次访问,仅需要掌握单个密钥材料;2)通过优化设计,使用户访问节点资源密钥的获取时间与产生的公共信息数达到最佳平衡;3)提出的方案是可证明安全的.

       

      Abstract: In order to realize an effective access control of sensitive data captured by sensor nodes, researchers have made great achievements on secure and efficient hierarchical access control to satisfy the features of widespread distribution, large universe, limited computation and storage capacity of sensor nodes in ubiquitous sensing network. However, time is the main factor that makes the requirements of hierarchical access control scheme in ubiquitous sensing network different from that in traditional Internet networks, leading to the limited actual application scenario. According to the users' requirement on the nodes for gathering resources, an efficient and secure time-bound hierarchical access control scheme is presented in this paper. Based on the characteristics of perception node in ubiquitous sensing network, including the limited power and computation capability, as well as the storage resource, the scheme optimizes the key storage of user, key derivation time, and public information. The advantages of our scheme include that 1) only one key material is required in each users'access; 2) the balance can be achieved between the time for key acquisition and the amount of public information and 3) the scheme is provably secure without random oracle model. Theoretical analysis indicates that our proposed schedule adapts to user' access control requirement of ubiquitous sensing network.

       

    /

    返回文章
    返回