摘要
为了解决广域信息管理(system wide information management,SWIM)信息安全问题,根据SWIM面向服务的系统架构(service-oriented architecture,SOA)的特点,设计SWIM的访问策略,提出了一种基于属性密码(attribute-based encryption,ABE)的授权方法.该方法根据SWIM访问结构中分布性、异构性和动态性的特点,采用密文访问策略(cipher policy-attribute based encryption,CP-ABE)实现.在模拟环境中对该方法进行仿真实验和安全性分析,实验结果表明:该方法支持SWIM航空用户细粒度的授权,降低了SWIM授权管理的复杂度,提高了SWIM系统的安全性.
System wide information management ( SWIM ) is a fundamental network system, which supports aviation collaborative decision making ( CDM) by using big data analysis. Likewise data security and privacy protection issues exist while providing aeronautical information exchange and data sharing. According to the service -oriented architecture ( SOA) of SWIM, an authorization approach based on attribute-based encryption ( ABE) was proposed to solve the problem of SWIM information security. Cipher policy- attribute based encryption ( CP-ABE ) was applied to meet the characteristics of distributives,heterogeneousness and dynamic in SWIM access structure. Experiments on the security of SWIM authorization approach based on the CP-ABE algorithm were performed in simulation environment. Results indicate that the proposed approach supports fine-grained authorization for the aviation users of SWIM with more security and lower complexity.
出处
《北京工业大学学报》
CAS
CSCD
北大核心
2017年第3期350-357,共8页
Journal of Beijing University of Technology
基金
国家自然科学基金委员会与中国民航局联合基金资助项目(U1533107)
中央高校基本科研业务费资助项目(3122016D003)
关键词
广域信息管理
隐私保护
数据安全
属性密码
授权
细粒度
system wide information management ( SWIM)
privacy- preserving
data protection
attribute-based encryption ( ABE)
authorization
fine-grained
