摘要
针对传统数据共享方法存在隐私泄露、易受到拒绝服务攻击和黑客入侵等问题,通过密文属性策略基加密、同步聚合签名、可验证随机函数等方法,设计基于区块链的物联网安全数据共享系统.首先,物联网设备利用密文属性策略基加密方案对数据进行加密,从而对数据使用者的属性进行限定,实现细粒度的数据共享访问控制,并且可以定义使用者的访问次数;其次,在数据共享系统中引入付费商业模型,让云服务器可以为提供的服务进行收费,并且通过可验证随机函数和同步聚合签名产生相应的资源使用证明;再次,物联网设备管理方利用区块链智能合约可以对云服务器产生的证明进行自动化验证;最后,通过外包计算方法将大量运算外包给云服务器进行计算,从而降低用户端的解密开销.系统的优势是抵抗针对云存储密文的分布式拒绝服务攻击,降低细粒度安全数据共享中用户的解密开销,以及利用区块链智能合约对云平台提供的服务进行审计.通过同步聚合签名可以将多个服务证明进行聚合,从而提高审计的效率.实验结果表明:该系统能够实现分布式的信任管理,对物联网数据的处理速度效率高,能够对加密数据进行细粒度的共享和管理.
The traditional data sharing system suffers from privacy leakage,distributed denial of service(DDoS)attack and prone to be compromised by hackers.To deal with these problems,we utilize ciphertext-policy attribute based encryption(CP-ABE),synchronized aggregate signature(SAS)and verifiable random function(VRF)to design blockchain based secure data sharing algorithm for internet of things(IoT).First of all,the IoT devices make use of CP-ABE to encrypt data in order to realize fine-grained access control on data user.It enables the data owner to pre-define the data access times for the users.Secondly,introducing pay-as-you-go such that the cloud platform could charge for the provided service,which is proved by SAS and VRF.Thirdly,the IoT manager is able to audit the consumed data sharing service by the blockchain nodes and smart contract.Fourth,outsourcing decryption algorithm is introduced to alleviate user’s computation burden,where most calculation overheads are undertaken by the cloud platform.The advantage of this system is to resist DDoS attack,reduce data user’s computation overhead and audit resource consumption.The SAS technique enables the proof aggregation of resource consumption,which improves the efficiency of audition.The experiment results indicate that this system supports decentralized trust management,has relatively high efficiency to compute on IoT data,and realizes fine-grained secret data sharing and management.
作者
杨业平
林德威
黄芳芳
王斌
杨旸
YANG Yeping;LIN Dewei;HUANG Fangfang;WANG Bin;YANG Yang(State Grid Fujian Information and Telecommunication Company,Fuzhou,Fujian 350003,China;State Grid Info-Telecom Greate Power Science and Technology Co.,Ltd,Fuzhou,Fujian 350003,China;College of Computer and Data Science,Fuzhou University,Fuzhou,Fujian 350108,China)
出处
《福州大学学报(自然科学版)》
CAS
北大核心
2021年第6期739-746,共8页
Journal of Fuzhou University(Natural Science Edition)
基金
国网福建省电力有限公司2020年信通公司群众性创新项目(52130M0029)
国家自然科学基金资助项目(61872091)。
关键词
物联网
数据共享
区块链
隐私保护
internet of things
data sharing
blockchain
privacy protection
