摘要
通用串行总线大容量存储器是一种被广大用户广泛使用的存储设备。为了保护USB存储设备中用户数据安全,提出了一种适用于USB大容量存储器有效的身份认证与数据保护方案。利用属性权限控制技术,实现了对USB设备用户的安全认证、实现了对USB设备中隐私数据细粒度控制。安全性分析表明该方案具有较强的安全性,能够抵抗重放攻击、拒绝服务攻击、在线口令猜测攻击、用户伪装攻击等;实验性能分析表明该方案在用户注册、认证、文件解密等方面具有较高的效率。
Universal serial bus mass storage is a widely used storage device.In order to protect the user data security in USB storage devices,an effective authentication and data protection scheme is proposed.Using the attribute-based control technology,the security authentication of the USB device user is realized,and the privacy data fine-grained control of the USB device is realized.Security analysis shows that the scheme has strong security,it can resist replay attack,denial of service attack,the online password guessing attack,user impersonation attack,etc.Experimental performance analysis shows that the scheme has high efficiency in user registration,authentication and file decryption.
作者
韩刚
李辉
Han Gang;Li Hui(School of Electronics and Information,Northwestern Polytechnical University,Xi′an 710072,China)
出处
《西北工业大学学报》
EI
CAS
CSCD
北大核心
2018年第3期550-557,共8页
Journal of Northwestern Polytechnical University
基金
国家自然科学基金(61571364)
陕西省自然科学基金(2017JM6037)
西北工业大学研究生创意创新种子基金(Z2017022)资助
关键词
大容量存储器
属性基权限控制
细粒度控制
实验设计
可靠性分析
universal serial bus mass storage
attribute-based control technology
fine-grained control
design of experiments,reliability analysis
