
    Research on Privacy Preservation Mechanism for Credentials and Policies in Grid Computing Environment

    • Abstract: Privacy preservation of the access control policies and credentials of grid entities is an important aspect of grid security, and its importance grows as grid technology is more widely applied. This work uses secure function evaluation and homomorphic encryption to address privacy preservation of policies and credentials during access control. First, a circuit composition method adapted to the expression of composite policies is proposed, and a policy evaluation protocol is built on oblivious transfer and the scrambled circuit evaluation protocol. Next, an equality test protocol for attributes is proposed based on homomorphic encryption. Finally, a privacy-preserving protocol for access control policies and credentials is proposed based on these two protocols. Analysis shows that the scheme provides complete privacy preservation for the attributes of policies and credentials and avoids the circular dependency problem caused by traditional methods.

       
