开放网络环境下敏感数据安全与防泄密关键技术研究
|
摘要
网络技术的飞速发展,促使敏感数据及电子文档的应用已成为一种主流趋势。然而,由于电子文档天生存在易复制、易传播、易修改的特点,导致各种敏感信息时刻受到潜在的泄密风险。目前,电子文档安全管理主要基于C/S架构,将敏感数据存储于第三方服务端,并由服务端和用户联合控制用户对敏感资源的共享和访问。国内外的相关研究工作主要集中在文档防泄密的应用层安全保护、密钥管理以及明文访问控制等技术,而忽略了文档在生命周期内的实时加密存储,以及开放网络环境下密文资源共享、访问控制等问题的研究,使得相关研究工作缺乏实质性的技术转变。因此,本文将针对开放网络环境下敏感数据安全与防泄密相关技术展开研究。
本论文将从开放网络环境下基于时空约束的敏感数据防泄密保护相关技术、基于身份的电子文档域密钥分发算法及协议、开放网络环境下基于代理重加密的电子文档分发算法及协议、基于属性的电子文档访问控制机制四个关键问题进行研究,保证敏感数据在生成、存储、传输、分发、共享等各个环节下处于安全状态,同时解决密文状态下数据资源共享以及细粒度访问控制问题。本论文的主要创新点如下:
(1)分析并提出基于身份的电子文档域密钥分发算法及协议
为了实现电子文档安全管理环境中域间用户的通信安全,采用双线性对构造了一个适用于大数量、动态域组的基于身份的域密钥分发算法,该算法实现了域环境下用户的动态加入与离开,通过广播加密的方式使域用户获得更新后的域密钥,避免了复杂的密钥更新协商协议。另外,提出基于共享域的电子文档管理协议,实现域内用户共享,不同域之间安全分发电子文档。在该协议工作下,共享域内每个用户合法获得的电子文档可以在域中各设备间无缝地流动,实现资源共享。不同的域之间电子文档的传输有严格的限制,需要经服务器认证,确保电子文档的安全管理与防泄密。
(2)研究并提出基于代理重加密的电子文档分发算法及协议
针对开放网络环境下电子文档安全管理,提出一种基于代理重加密机制的电子文档分发算法及协议,并证明其在标准模型下选择密文(CCA, chosen-ciphertext attack)安全。其思想是采用双线性对构造一个高效的单向代理重加密算法,文档拥有者将数据加密后发送给半可信服务端,由服务端对数据密文进行安全存储,同时对数据密文重加密后发送给用户。该方案避免了服务端对数据密文解密后进行二次加密,降低了服务端对电子文档管理的复杂度,同时采用密文方式存储,防止服务器被恶意攻击后敏感数据泄露。与其它算法与协议分析表明,本方案显著降低了代理重加密算法的计算复杂度,同时提高了加解密效率。
(3)设计基于属性的电子文档密文访问控制协议
针对开放网络环境下电子文档的机密性保护问题,在属性基加密和代理重加密机制基础上提出一种文档密文访问控制协议,并给出了全面的安全证明和效率分析。该协议通过密文策略属性基加密算法实现文档的密文存储与访问,而代理重加密机制解决密文访问控制中的动态权限变更问题。同普通的文档管理方式相比,该协议降低了数据所有者的权限管理代价,减轻了域服务端的工作负荷,同时实现了动态灵活的细粒度权限控制,更高效的保持了数据机密性。
With the rapid development of network, the security demands of E-docuements in the multi-domain environment become to appear. However, due to the characteristics of E-document which is easy to copy, spread and modify, the sensitive information may be subject to the potential risk of leaking. At present, more E-document security management systems are based on C/S structure, which sensitive data are stored by third-party server and shared between users with the control of the third-party server. The foreign and domestic experts are focused on the research of protection in the application layer for the documents, key management, and access control technology for the plain text. In other words, they neglect the research of real-time encryption within the life time of the document, ciphertext recourse sharing in multi-domain, and technology of usage control on the ciphertext. Therefore, the technology of the E-document management in the multi-domain environment will be shown in the paper.
The trusted model for E-document management supporting with time and space constraint, identity_based domain key distribution protocol, a distribution protocol based on proxy re-encryption, and cryptographic access control based on attribute-based encryption (ABE) for E-document management will be shown in this dissertation. The research will ensure that the sensitive data is always in the form of ciphertext within the life time including creating, storage, transfer and distribution, etc. In addition, the research will solve that how to share the ciphertext resource and it provides a fine-grained access control for ciphertext. The major innovations of this dissertation are as follows:
Ⅰ. Identity based domain key distribution protocol in the E_document security management
In order to create a security domain environment in the E_document management, an identity domain key distribution scheme using bilinear pairings for large and dynamic domain is proposed in this paper. The scheme can handle the joining and leaving of domain members efficiently, and update the domain key in the manner of broadcast, which avoids the complex protocols of key agreement. In addition, the distribution protocol based sharing_domain for E_document is also given in the paper, which aims to realize the function of sharing the documents in a domain and distributing the documents between different domains securely. With the protocol, the E_documents obtained by a domain member can be transmitted to other domain members seamlessly. On the opposite, the E_document which is distributed to another domain need to be upload to the server, which will verify the identity of the domain member and encrypt the documents with the specified domain key.
II. A distribution protocol based on proxy re-encryption for E-document management
In view of the domain environment in E-documents management, a CCA-secure (Chosen ciphertext attack) and interoperable cross-domain distribution protocol for E-document will be proposed in the paper. Based on proxy re-encryption, the scheme uses a semi-trusted entity called proxy server to re-encrypt the document ciphertext without decrypting the ciphertext such that only users can decrypt the data with his private key. Compared with the existing system, our scheme relieves the server from intense encryption/decryption processing, and achieves reliable decentralized encryption/decryption with good scalability and efficiency. Additionally, our scheme enjoys the advantages of both higher efficiency and stronger security. Therefore, the distribution protocol based on proxy re-encryption can be widely used in the domain interoperability environment.
III. Cryptographic access control based on attribute-based encryption (ABE) for E-document management
To keep the E-document confidential in the n the open network enviroment, a cryptographic access control based on attribute-based encryption (ABE) was introduced. This scheme combines the techniques of ciphertext policy attribute based encryption (CP-ABE) and proxy re-encryption, and the E-document will be stored and operated in the form of ciphertext through CP-ABE, while the server will supports dynamic and fine-grained access control for ciphertext. Comparing with the traditional way, the scheme alleviates the administering burdens on the data owner, and supports dynamic and fine-grained access policies.
本论文将从开放网络环境下基于时空约束的敏感数据防泄密保护相关技术、基于身份的电子文档域密钥分发算法及协议、开放网络环境下基于代理重加密的电子文档分发算法及协议、基于属性的电子文档访问控制机制四个关键问题进行研究,保证敏感数据在生成、存储、传输、分发、共享等各个环节下处于安全状态,同时解决密文状态下数据资源共享以及细粒度访问控制问题。本论文的主要创新点如下:
(1)分析并提出基于身份的电子文档域密钥分发算法及协议
为了实现电子文档安全管理环境中域间用户的通信安全,采用双线性对构造了一个适用于大数量、动态域组的基于身份的域密钥分发算法,该算法实现了域环境下用户的动态加入与离开,通过广播加密的方式使域用户获得更新后的域密钥,避免了复杂的密钥更新协商协议。另外,提出基于共享域的电子文档管理协议,实现域内用户共享,不同域之间安全分发电子文档。在该协议工作下,共享域内每个用户合法获得的电子文档可以在域中各设备间无缝地流动,实现资源共享。不同的域之间电子文档的传输有严格的限制,需要经服务器认证,确保电子文档的安全管理与防泄密。
(2)研究并提出基于代理重加密的电子文档分发算法及协议
针对开放网络环境下电子文档安全管理,提出一种基于代理重加密机制的电子文档分发算法及协议,并证明其在标准模型下选择密文(CCA, chosen-ciphertext attack)安全。其思想是采用双线性对构造一个高效的单向代理重加密算法,文档拥有者将数据加密后发送给半可信服务端,由服务端对数据密文进行安全存储,同时对数据密文重加密后发送给用户。该方案避免了服务端对数据密文解密后进行二次加密,降低了服务端对电子文档管理的复杂度,同时采用密文方式存储,防止服务器被恶意攻击后敏感数据泄露。与其它算法与协议分析表明,本方案显著降低了代理重加密算法的计算复杂度,同时提高了加解密效率。
(3)设计基于属性的电子文档密文访问控制协议
针对开放网络环境下电子文档的机密性保护问题,在属性基加密和代理重加密机制基础上提出一种文档密文访问控制协议,并给出了全面的安全证明和效率分析。该协议通过密文策略属性基加密算法实现文档的密文存储与访问,而代理重加密机制解决密文访问控制中的动态权限变更问题。同普通的文档管理方式相比,该协议降低了数据所有者的权限管理代价,减轻了域服务端的工作负荷,同时实现了动态灵活的细粒度权限控制,更高效的保持了数据机密性。
With the rapid development of network, the security demands of E-docuements in the multi-domain environment become to appear. However, due to the characteristics of E-document which is easy to copy, spread and modify, the sensitive information may be subject to the potential risk of leaking. At present, more E-document security management systems are based on C/S structure, which sensitive data are stored by third-party server and shared between users with the control of the third-party server. The foreign and domestic experts are focused on the research of protection in the application layer for the documents, key management, and access control technology for the plain text. In other words, they neglect the research of real-time encryption within the life time of the document, ciphertext recourse sharing in multi-domain, and technology of usage control on the ciphertext. Therefore, the technology of the E-document management in the multi-domain environment will be shown in the paper.
The trusted model for E-document management supporting with time and space constraint, identity_based domain key distribution protocol, a distribution protocol based on proxy re-encryption, and cryptographic access control based on attribute-based encryption (ABE) for E-document management will be shown in this dissertation. The research will ensure that the sensitive data is always in the form of ciphertext within the life time including creating, storage, transfer and distribution, etc. In addition, the research will solve that how to share the ciphertext resource and it provides a fine-grained access control for ciphertext. The major innovations of this dissertation are as follows:
Ⅰ. Identity based domain key distribution protocol in the E_document security management
In order to create a security domain environment in the E_document management, an identity domain key distribution scheme using bilinear pairings for large and dynamic domain is proposed in this paper. The scheme can handle the joining and leaving of domain members efficiently, and update the domain key in the manner of broadcast, which avoids the complex protocols of key agreement. In addition, the distribution protocol based sharing_domain for E_document is also given in the paper, which aims to realize the function of sharing the documents in a domain and distributing the documents between different domains securely. With the protocol, the E_documents obtained by a domain member can be transmitted to other domain members seamlessly. On the opposite, the E_document which is distributed to another domain need to be upload to the server, which will verify the identity of the domain member and encrypt the documents with the specified domain key.
II. A distribution protocol based on proxy re-encryption for E-document management
In view of the domain environment in E-documents management, a CCA-secure (Chosen ciphertext attack) and interoperable cross-domain distribution protocol for E-document will be proposed in the paper. Based on proxy re-encryption, the scheme uses a semi-trusted entity called proxy server to re-encrypt the document ciphertext without decrypting the ciphertext such that only users can decrypt the data with his private key. Compared with the existing system, our scheme relieves the server from intense encryption/decryption processing, and achieves reliable decentralized encryption/decryption with good scalability and efficiency. Additionally, our scheme enjoys the advantages of both higher efficiency and stronger security. Therefore, the distribution protocol based on proxy re-encryption can be widely used in the domain interoperability environment.
III. Cryptographic access control based on attribute-based encryption (ABE) for E-document management
To keep the E-document confidential in the n the open network enviroment, a cryptographic access control based on attribute-based encryption (ABE) was introduced. This scheme combines the techniques of ciphertext policy attribute based encryption (CP-ABE) and proxy re-encryption, and the E-document will be stored and operated in the form of ciphertext through CP-ABE, while the server will supports dynamic and fine-grained access control for ciphertext. Comparing with the traditional way, the scheme alleviates the administering burdens on the data owner, and supports dynamic and fine-grained access policies.
引文
[1]Douglas R.Stinson著,冯登国译.密码学原理与实践(第3版).电子工业出版社,2009.
[2]崔铭常,林喜荣.基于生物特征和移动密钥的电子数据保护方法及装置.中国专利:CN101345619,2009-1-14.
[3]Hennessy S D, Lauer G D, Zunic N, et al. Data-centric security:Intergrating data privacy and data security[J]. IBM Journal of Research and Development,2009,vol53(2):1-12.
[4]Sang Yeob Na*, SeungDae Lee. Design of security mechanism for electronic document repository system [A]. International conference on convergence and hybrid information technology[C],2008.
[5]Owczarek D, Wojciechowski J, Murlewski J, et al. Electronic document management system[A]. International conference on mixed design[C],2006.
[6]郑磊,马兆丰,顾明.基于文件系统过滤驱动的安全增强型加密系统技术研究[J].小型微型计算机系统,vol28(7),2008:1181-1184.
[7]马建设,王怀涛.数据安全保管设备和数据安全保管方法.中国专利:CN101403993,2009-4-8.
[8]马兆丰,冯博琴,宋擒豹.基于动态许可证的信任版权安全认证协议[J].软件学报,2004,vol15(1):131-140.
[9]马兆丰,范科峰,陈铭等.支持时空约束的可信数字版权管理安全许可协议[J].通信学报,2008,vol29(10):1 53-164.
[10]夏俊领.基于电子标签的多级文档安全模型研究与设计[D].西安,西安电子科技大学,2011.
[11]刘岸,吴琨,仲海骏等.基于策略机制的分布式文件保护系统PFICS[J],计算机工程,2004.
[12]WIPO-world intellectual property organization[EB/OL].http://www.wipo. int.
[13]XrML specifications[EB/OL].http://www.xrml.org/get_XrML.asp.
[14]庄杰,顾君忠.基于DRM的文档安全流转系统的研究与实现[D].上海,华东师范大学,2008.
[15]Muntes-Mulero V,Nin J.Privacy and anonymization for very large datasets.In:Chen P,ed.Proc of the ACM 18th Int'l Conf.on Information and Knowledge Management,CIKM 2009.New York:Association for Computing Machinery,2009,2117-2118.
[16]Vipul Goyal UCLA, Omkant Pandey UCLA. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data[J]. Conference on Computer and Communication Security proceedings ACM2006.
[17]Matthew Pirretti, Patrick Traynor. Secure Attribute Based Systems[J]. Conference on Computer and Communication Security Proceedings ACM2006.
[18]耿振民,杨磊.基于可选透明加解密的文件保护方法及系统.中国专利:CN102215214A,2011-10-14.
[19]张汉宁,房鼎益,陈晓江等.基于透明加解密的数字内容安全防护系统.西北大学学报(自然科学版),2010,vol40(3):437-441.
[20]章勇.一种基于文件过滤驱动的文件流转权限控制系统.中国专利:CN201682524U,2010-12-22.
[21]沈明峰,李胜磊,张勇等.协同工作环境下涉密文档的保护方法.中国专利:CN1822014A.2006-8-23.
[22]M.Blaze, G.Bleumer, and M.Strauss. Divertible protocols and atomic proxy cryptography [A]. InEUROCRYPT1998, LNCS1403,1998,127-144.
[23]Anca Ivan, Yevgeniy Dodis. Proxy cryptography revisited. In Internet Society (ISOC):NDSS 2003.
[24]G Ateniese, K. Fu, M. Green, and S. Hohenberger. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security (TISSEC), vol.9(1),2006,1-30.
[25]Canetti R, Hohenberger S. Chosen-ciphertext secure proxy re-encryption. In:ACM Conference on Computer and Communications Security,2007,185-194.
[26]Libert B, Vergnaud D. Unidirectional chosen-ciphertext secure proxy re-encryption. In:Cramer R, ed. Public Key Cryptography. LNCS 4939.Berlin:Springer-Verlag,2008,360-379.
[27]Goyal V, Pandey A, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In:Juels A, Wright RN,Vimercati SDC, eds.Proc. of the 13th ACM Conference on Computer and Communications Security, CCS2006. Alexandria:ACM Press,2006,89-98.
[28]Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In:Shands D, ed. Proceeding of 2007 IEEE symposium on Security and Privacy. Oakland:IEEE Computer Society,2007,321-334.
[29]Gentry C.Fully homomorphic encryption using ideal lattices.In:Mitzenmacher M,ed. Proc.of the 2009 ACM Int'l Symp.on Theory of Computing.New York:Association for Computing Machinery,2009,169-178.
[30]Harney H. and Muckenhirn C. Group Key Management Protocol (GKMP) Architecture. RFC 2094.1997.
[31]保罗·麦卡沃伊,袁珀,奥尔森·肯普.用于数据内容分发的系统和方法[P].中国专利:CN101765845A,2010-06-30.
[32]D.M.Wallner, E.J.Harder and R.C. Agee. Key management for multieast:Issues and architectures.1999.
[33]Canetti R. Multicast Security:A Taxonomy and Efficient Constructions [A].in:IEEE INFOCOM[C].New York, NY,1999.708-716.
[34]GH.Chou and W.T.Chen. Secure broadcasting using the secure lock. IEEE Trans, on Software Engineering,1989,15(8),929-934.
[35]T.H wang and J.L.Chen. Identity-based conference key broadcast systems. IEE proc.of Computers and Digital Techniques,1994,Vol.141, No.1,57-60.
[36]T.Chikazawa and A.Yamagishi. An improved identity-based one-way conference key Sharing system. In Proc.of ICCS/ISITA, IEEE Computer Society Press,1992,270-273.
[37]Z.K Yang, H.T. Xie, W.Q. Chen, and Y.M. Tan. An Identity-based Fault-tolerant Conference Key Distribution Scheme. Parallel and Distributed Computing, Applications and Technologies, IEEE Computer Society, Taiwan,2006, pp.389-392.
[38]Yongquan Cai, Xiuying Li. An Improved Identity-based Fault-tolerant Conference Key Distribution Scheme. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, IEEE Computer Society,2007,345-349.
[39]A. Shamir. How to share a secret, Communications of ACM,24(11), pp.612-613,1979.
[40]R.J. McEliece and D.V. Sarwate. On sharing secrets and Reed-Solomon codes. Communication of ACM,26(9), pp.583-584,1981.
[41]朱文涛,熊继平,李津生等.安全组播密钥管理的层次结构研究.电子与信息学报.2004,26(1).7-13.
[42]李晖,付晓红,吕锡香等.基于中国剩余定理的群组密钥管理方法.中国专利:CN101789945A.
[43]Wei Wang, Fenghua Li, Jianfeng Ma. Efficient and Secure Group Key Management for High Delay Networks. Chinese Journal of Electronics.2007,16(4):721-726.
[44]刘璟,周明天.大型动态多播群组的密钥管理和访问控制[J].软件学报.2002,vol13(2).291-297.
[45]朱文涛,熊继平,李津生等.安全组播密钥管理的层次结构研究.电子与信息学报.2004,26(1).7-13.
[46]Crampton J, Martin K, Wild P. On key assignment for hierarchical access control. In:Guttan J, ed, Proc. of the 19th IEEE Computer Security Foundations Workshop—CSFW 2006. Venice:IEEE Computer Society Press,2006.5-7.
[47]Malek B, Miri A. Combining attribute-based and access systems. In:Muzio JC, Brent RP, eds. Proc.IEEE CSE2009,12th IEEE Int'l Conf. on Computational Science and Engineering IEEE Computer Society,2009.305-312.
[48]Boneh D, Franklin M. Identity-Based encryption from the Weil pairing. SIAM Journal on Computing,2003,32(3):586-615.
[49]郭代飞,隋爱芬.一种用于防止文档被未授权访问的方法和装置.中国专利:CN101937501A,2011-1-5.
[50]PARK J, SANDHU R. Towards usage control models:beyond traditional access control [C]. ACM Symposium on Access control Models and Technologies,2002,2(3):57-64.
[51]Zhang X, Li Y, Nalla D. An attribute-based access matrix model[C]. In:proceedings of the 2005 ACM Symposium on applied computing,2005,359-363.
[52]Wang L Y, WIJESEKERA D, JAJODIA S. A logic-based framework for attribute based access control [A]. Proceedings of the 2004 ACMWorkshop on Formal Methods in Security Engineering[C].2004.45-55
[53]E Bertinol,A C Squicciarini,I Paloscia,et al.Ws-AC:A fine grained access control system for web services[J].World Wide Web,2006,9(2):143-171.
[54]Fareed Zaffer, Gershon Kedem. Paranoid:A Global Secure File Aceess Control System[J]. Proceedings of the 21st Annual Computer Security Applications Conference IEEE2005.
[55]赵铭伟,毛锐,江荣安.基于过滤驱动的透明加密文件系统模型.计算机工程,2009,35(1):150-152.
[56]刘功建,基于文档保护的数字权限管理系统设计与实现[硕士学位论文].山东,山东大学,2008.
[57]谷利泽,郑世慧,杨义先等.现代密码学教程.北京,北京邮电大学出版社,2009.
[58]刘建伟,王育民.网络安全——技术与实践.北京,清华大学出版社,2005.
[59]章照止.现代密码学基础.北京,北京邮电大学出版社,2004.
[60]B.W.Lampson.Protection.In:5th Princton Symposium on Information Science and Systems, 1971,437-443. Reprinted in ACM Operating Systems Reviews,1974,8(1):18-24.
[61]R.S.Sandhu. Role Hierarchies and Constraints for Lattice-Based Access Control. In:4th European Symposium on Research in computer Security, Rome, Italy,1996.25-27.
[62]D F Ferraiolo, D R Kuhn. Role-based access control [A]. In Proc.of 15th National Computer Security Conference[C].October,1992,554-563.
[63]鲁建锋,卢正鼎.访问控制策略的安全与效用优化方法研究[博士学位论文].武汉,华中科技大学,2010.
[64]PARK J, SANDHU R. Usage Control:A vision for next generation access control [C]. International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security,2003,2(1):17-31
[65]PARK J, SANDHU R. The UCONABC usage control model[J].ACM Transactions on Information and Systems Security,2004,7(1):128-174.
[66]俞银燕,汤帜.数字版权保护技术研究综述.计算机学报,2005,28(12):1957-1968.
[67]Kwok S.H, Lui S.M. A license management model to support B2C and C2C music sharing.In: Proceedings of the 10th International World Wide Web Conference (W WW 10), Hong Kong, 2001:136-137.
[68]Kwok S.H, Lui S.M. A license management model for peer-to-peer music sharing. International Journal of information Technology and Decision Making,2002,1(3):541-558.
[69]D.Boneh and X.Boyen. Secure Identity Based Encryption without Random Oracles. In CRYPTO 2004, LNCS3027,2004,443-459.
[70]Diffie W, Hellman M E. New directions in cryptography [J]. IEEE Trans on Information Theory, 1976,22(6):644-654.
[71]Boneh D. The decision Diffie-Hellman problem [G]//LNCS 1423:Proc of the 3rd Int Symp on Algorithmic Number Theory. Berlin:Springer,1998:48-63.
[72]Boneh D, Franklin M. Identity-based encryption from the Weil pairing [J]. SLAM Journal of Computing,2000,32(3):586-615.
[73]A. Shamir. Identity based cryptosystems and signature scheme. In proc. Of CRYPTO'84, LNCS. Vol.196, Springer-Verlag,47-53,1984.
[74]D.M.Wallner, E.J.Harder and R.C. Agee. Key management for multieast:Issues and architectures.1999.
[75]C.K.Wong, M.Gouda and S.S. Lam. Secure group communications using key graphs. IEEE Tran. Networks.2000, Vol 8(8):16-30.
[76]M.Waldvogel, G.Caronni, D.Sun, N.Weiler and B.Plattner. The versa key framework:versatile group key management. IEEE Journal on Selected Areas in Communications (Special Issue on Middleware),1999, Vol 17:(9),1614-1631.
[77]A.T. Sherman and D.A. McGrew. Key establishment in large dynamic groups using One-way function trees. IEEE Transactions on Software Engineering,2003,Vol 29:(5) 444-458.
[78]Dinsmore P T, Balenson D M, Heyman Met al. Policy-based security management for large dynamic groups:An overview of the DCCM project. In:Proc the DARPA Information Survivability Conference & Exposition, SC, USA,2000.64-73.
[79]Yongquan Cai, Xiuying Li. An Improved Identity-based Fault-tolerant Conference Key Distribution Scheme. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, IEEE Computer Society,2007,345-349.
[80]A. Shamir. How to share a secret, Communications of ACM,24(11), pp.612-613,1979.
[81]R.J. McEliece and D.V. Sarwate. On sharing secrets and Reed-Solomon codes. Communication of ACM,26(9), pp.583-584,1981.
[82]M. Bellare and P. Rogaway. Random oracles are practical:a paradigm for designing efficient protocols. In Proc. of the 1st ACM Conference on Computer and Communication Security (CCS),1993,62-73.
[83]Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. In Proceedings of the STOC1998, Texas, USA,1998:209-218.
[84]冯登国.可证明安全性理论与方法研究.软件学报,2005,16(10):1743-1756.
[85]Shao J, Cao Z. CCA-secure proxy re-encryption without Pairings. In:Public Key CryPtography. LNCS 5443. Berlin:Springer-Verlag,2009,357-376.
[86]邵俊.代理重密码的研究.博士学位论文.上海:上海交通大学.2008.
[87]Weng J, Deng R H, Ding X,et al. Conditional Proxy re-encryption secure against chosen-ciphertext attack. In:ASIAN ACM Symposium on Information, Computer and Communications Security, ASIACCS,2009,322-332.
[88]翁健,陈泯融,杨艳江等.无需随机预言机的自适应攻陷模型下选择密文安全的单向代理重加密方案.中国科学:信息科学,2010,Vol 40(2):298-312
[89]G. Taban, A. A. Cardenas, and V. D. Gligor. Towards a secure and interoperable DRM architecture. In Proceedings of the 6th ACM workshop on Digital Rights Management,2006, 69-78.
[90]D.-W. Nam, J.-S. Lee and J.-H. Kim. Interlock system for DRM interoperability of streaming contents. In Proceedings of IEEE International Symposium on Consumer Electronics 2007 (ISCE 2007),2007.
[91]Sangho L, Heejin P, Jong K. A secure and mutual-profitable DRM interoperability scheme. In: Computers and Communications (ISCC),2010,75-80.
[92]Qin Q, Zhi T, Yinyan Y. A decentralized authorization scheme for DRM in P2P file-sharing systems. In:Consumer Communications and Networking Conference(CCNC),2011,136-140.
[93]Beimel A. Secure schemes for secret sharing and key distribution [D]. Technion:Israel Institute of Technology,1996.
[94]H.Anton and C.Rorres. Elementary Linear Algebra,9th Edition.2005.
[95]Sahai A, Waters B. Fuzzy identity-based encryption. In:Cramer R,ed. Advances in Cryptology-EUROCRYPT 2005. Berlin, Heidelberg:Springer-Verlag,2005.457-473.
[96]Goyal V, Pandey O, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In:Proceeding of the 13th ACM Conference on Computer and Communications Security. New York:ACM Press,2006,89-98.
[97]Yu S, Ren K, Lou W. Attribute-Based content distribution with hidden policy. In:Proceeding of the 4th Workshop on Secure Network Protocols(NPSec).Orlando:IEEE Computer Society,2008.39-44.
[98]Traynor P, Butler K,Enck W, Mcdaniel P. Realizing massive-scale conditional access systems through attribute-based cryptosystems. In:Proceeding of the 15th Annual Network and Distributed System Security Symp.(NDSS 2008).San Diego:USENIX Association,2008.1-13.
[99]Cheung L,Newport C.Provably secure ciphertext policy ABE.In:Proc. of the ACM Conf. on Computer and Communications Security. New York:ACM Press,2007.456-?465.
[100]Cheung L, Cooley JA, Khazan R, Newport C. Collusion-Resistant group key management using attribute-based encryption.http://eprint.iacr.org/2007/161.pdf
[101]Yu S, Ren K, Lou W. Attribute-Based on-demand multicast group setup with membership anonymity. Computer Networks,2010,54(3):377-386.
[102]Baden R, Bender A, Spring N, Bhattacharjee B, Starin D. Persona:An online social network with user-defined privacy. In:Proceeding of the ACM SIGCOMM 2009 Conference on Data Communication. New York:ACM Press,2009.135-146.
[103]Bethencourt J, Sahai A., Waters B. Ciphertext-policy attribute-based encryption. In:IEEE Symposium on Security and Privacy, IEEE Computer Society.2007,321-334.
[104]Rafail Ostrovsky, Amit Sahai, and Brent Waters. Attribute-based encryption with non-monotonic access structures. In ACM Conference on Computer and Communications Security,2007,195-203.
[105]Ling Cheung, Calvin Newport. Provably secure ciphertext policy ABE. In ACM Conference on Computer and Communications Security,2007,456-465.
[106]Bethencourt J, Sahai A., Waters B. Ciphertext-policy attribute-based encryption. In:IEEE Symposium on Security and Privacy, IEEE Computer Society.2007,321-334.
[107]Vipul Goyal, Abhishek Jain, Omkant Pandey, and Amit Sahai. Bounded ciphertext policy attribute based encryption. In ICALP(2),2008,579-591.
[108]Ibraimi L, Asim M, retkovic M. An encryption scheme for a secure policy updating. In: proceeding of the 2010 International Conference on Security and Cryptography (SECRYPT), Athens, Greece,2010.
[109]Amos Beimel. Secure Schemes for Secret Sharing and Key Distribution[D], Israel Institute of Technology,Technion,Haifa,Israel,1996.
[110]Biham E. New Types of cryptanalytic attacks using related keys[M]. Springer-Verlag,1993, 398-409.
[111]Cheung S.C, Curreern H. Rights protection for digital contents redistribution over the Internet. In:Proceedings of the 26th Annual International Computer Software and Applications Conference(COMPSAC'02), IEEE Computer Society, Oxford, UK,2002,105-110.
[2]崔铭常,林喜荣.基于生物特征和移动密钥的电子数据保护方法及装置.中国专利:CN101345619,2009-1-14.
[3]Hennessy S D, Lauer G D, Zunic N, et al. Data-centric security:Intergrating data privacy and data security[J]. IBM Journal of Research and Development,2009,vol53(2):1-12.
[4]Sang Yeob Na*, SeungDae Lee. Design of security mechanism for electronic document repository system [A]. International conference on convergence and hybrid information technology[C],2008.
[5]Owczarek D, Wojciechowski J, Murlewski J, et al. Electronic document management system[A]. International conference on mixed design[C],2006.
[6]郑磊,马兆丰,顾明.基于文件系统过滤驱动的安全增强型加密系统技术研究[J].小型微型计算机系统,vol28(7),2008:1181-1184.
[7]马建设,王怀涛.数据安全保管设备和数据安全保管方法.中国专利:CN101403993,2009-4-8.
[8]马兆丰,冯博琴,宋擒豹.基于动态许可证的信任版权安全认证协议[J].软件学报,2004,vol15(1):131-140.
[9]马兆丰,范科峰,陈铭等.支持时空约束的可信数字版权管理安全许可协议[J].通信学报,2008,vol29(10):1 53-164.
[10]夏俊领.基于电子标签的多级文档安全模型研究与设计[D].西安,西安电子科技大学,2011.
[11]刘岸,吴琨,仲海骏等.基于策略机制的分布式文件保护系统PFICS[J],计算机工程,2004.
[12]WIPO-world intellectual property organization[EB/OL].http://www.wipo. int.
[13]XrML specifications[EB/OL].http://www.xrml.org/get_XrML.asp.
[14]庄杰,顾君忠.基于DRM的文档安全流转系统的研究与实现[D].上海,华东师范大学,2008.
[15]Muntes-Mulero V,Nin J.Privacy and anonymization for very large datasets.In:Chen P,ed.Proc of the ACM 18th Int'l Conf.on Information and Knowledge Management,CIKM 2009.New York:Association for Computing Machinery,2009,2117-2118.
[16]Vipul Goyal UCLA, Omkant Pandey UCLA. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data[J]. Conference on Computer and Communication Security proceedings ACM2006.
[17]Matthew Pirretti, Patrick Traynor. Secure Attribute Based Systems[J]. Conference on Computer and Communication Security Proceedings ACM2006.
[18]耿振民,杨磊.基于可选透明加解密的文件保护方法及系统.中国专利:CN102215214A,2011-10-14.
[19]张汉宁,房鼎益,陈晓江等.基于透明加解密的数字内容安全防护系统.西北大学学报(自然科学版),2010,vol40(3):437-441.
[20]章勇.一种基于文件过滤驱动的文件流转权限控制系统.中国专利:CN201682524U,2010-12-22.
[21]沈明峰,李胜磊,张勇等.协同工作环境下涉密文档的保护方法.中国专利:CN1822014A.2006-8-23.
[22]M.Blaze, G.Bleumer, and M.Strauss. Divertible protocols and atomic proxy cryptography [A]. InEUROCRYPT1998, LNCS1403,1998,127-144.
[23]Anca Ivan, Yevgeniy Dodis. Proxy cryptography revisited. In Internet Society (ISOC):NDSS 2003.
[24]G Ateniese, K. Fu, M. Green, and S. Hohenberger. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security (TISSEC), vol.9(1),2006,1-30.
[25]Canetti R, Hohenberger S. Chosen-ciphertext secure proxy re-encryption. In:ACM Conference on Computer and Communications Security,2007,185-194.
[26]Libert B, Vergnaud D. Unidirectional chosen-ciphertext secure proxy re-encryption. In:Cramer R, ed. Public Key Cryptography. LNCS 4939.Berlin:Springer-Verlag,2008,360-379.
[27]Goyal V, Pandey A, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In:Juels A, Wright RN,Vimercati SDC, eds.Proc. of the 13th ACM Conference on Computer and Communications Security, CCS2006. Alexandria:ACM Press,2006,89-98.
[28]Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In:Shands D, ed. Proceeding of 2007 IEEE symposium on Security and Privacy. Oakland:IEEE Computer Society,2007,321-334.
[29]Gentry C.Fully homomorphic encryption using ideal lattices.In:Mitzenmacher M,ed. Proc.of the 2009 ACM Int'l Symp.on Theory of Computing.New York:Association for Computing Machinery,2009,169-178.
[30]Harney H. and Muckenhirn C. Group Key Management Protocol (GKMP) Architecture. RFC 2094.1997.
[31]保罗·麦卡沃伊,袁珀,奥尔森·肯普.用于数据内容分发的系统和方法[P].中国专利:CN101765845A,2010-06-30.
[32]D.M.Wallner, E.J.Harder and R.C. Agee. Key management for multieast:Issues and architectures.1999.
[33]Canetti R. Multicast Security:A Taxonomy and Efficient Constructions [A].in:IEEE INFOCOM[C].New York, NY,1999.708-716.
[34]GH.Chou and W.T.Chen. Secure broadcasting using the secure lock. IEEE Trans, on Software Engineering,1989,15(8),929-934.
[35]T.H wang and J.L.Chen. Identity-based conference key broadcast systems. IEE proc.of Computers and Digital Techniques,1994,Vol.141, No.1,57-60.
[36]T.Chikazawa and A.Yamagishi. An improved identity-based one-way conference key Sharing system. In Proc.of ICCS/ISITA, IEEE Computer Society Press,1992,270-273.
[37]Z.K Yang, H.T. Xie, W.Q. Chen, and Y.M. Tan. An Identity-based Fault-tolerant Conference Key Distribution Scheme. Parallel and Distributed Computing, Applications and Technologies, IEEE Computer Society, Taiwan,2006, pp.389-392.
[38]Yongquan Cai, Xiuying Li. An Improved Identity-based Fault-tolerant Conference Key Distribution Scheme. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, IEEE Computer Society,2007,345-349.
[39]A. Shamir. How to share a secret, Communications of ACM,24(11), pp.612-613,1979.
[40]R.J. McEliece and D.V. Sarwate. On sharing secrets and Reed-Solomon codes. Communication of ACM,26(9), pp.583-584,1981.
[41]朱文涛,熊继平,李津生等.安全组播密钥管理的层次结构研究.电子与信息学报.2004,26(1).7-13.
[42]李晖,付晓红,吕锡香等.基于中国剩余定理的群组密钥管理方法.中国专利:CN101789945A.
[43]Wei Wang, Fenghua Li, Jianfeng Ma. Efficient and Secure Group Key Management for High Delay Networks. Chinese Journal of Electronics.2007,16(4):721-726.
[44]刘璟,周明天.大型动态多播群组的密钥管理和访问控制[J].软件学报.2002,vol13(2).291-297.
[45]朱文涛,熊继平,李津生等.安全组播密钥管理的层次结构研究.电子与信息学报.2004,26(1).7-13.
[46]Crampton J, Martin K, Wild P. On key assignment for hierarchical access control. In:Guttan J, ed, Proc. of the 19th IEEE Computer Security Foundations Workshop—CSFW 2006. Venice:IEEE Computer Society Press,2006.5-7.
[47]Malek B, Miri A. Combining attribute-based and access systems. In:Muzio JC, Brent RP, eds. Proc.IEEE CSE2009,12th IEEE Int'l Conf. on Computational Science and Engineering IEEE Computer Society,2009.305-312.
[48]Boneh D, Franklin M. Identity-Based encryption from the Weil pairing. SIAM Journal on Computing,2003,32(3):586-615.
[49]郭代飞,隋爱芬.一种用于防止文档被未授权访问的方法和装置.中国专利:CN101937501A,2011-1-5.
[50]PARK J, SANDHU R. Towards usage control models:beyond traditional access control [C]. ACM Symposium on Access control Models and Technologies,2002,2(3):57-64.
[51]Zhang X, Li Y, Nalla D. An attribute-based access matrix model[C]. In:proceedings of the 2005 ACM Symposium on applied computing,2005,359-363.
[52]Wang L Y, WIJESEKERA D, JAJODIA S. A logic-based framework for attribute based access control [A]. Proceedings of the 2004 ACMWorkshop on Formal Methods in Security Engineering[C].2004.45-55
[53]E Bertinol,A C Squicciarini,I Paloscia,et al.Ws-AC:A fine grained access control system for web services[J].World Wide Web,2006,9(2):143-171.
[54]Fareed Zaffer, Gershon Kedem. Paranoid:A Global Secure File Aceess Control System[J]. Proceedings of the 21st Annual Computer Security Applications Conference IEEE2005.
[55]赵铭伟,毛锐,江荣安.基于过滤驱动的透明加密文件系统模型.计算机工程,2009,35(1):150-152.
[56]刘功建,基于文档保护的数字权限管理系统设计与实现[硕士学位论文].山东,山东大学,2008.
[57]谷利泽,郑世慧,杨义先等.现代密码学教程.北京,北京邮电大学出版社,2009.
[58]刘建伟,王育民.网络安全——技术与实践.北京,清华大学出版社,2005.
[59]章照止.现代密码学基础.北京,北京邮电大学出版社,2004.
[60]B.W.Lampson.Protection.In:5th Princton Symposium on Information Science and Systems, 1971,437-443. Reprinted in ACM Operating Systems Reviews,1974,8(1):18-24.
[61]R.S.Sandhu. Role Hierarchies and Constraints for Lattice-Based Access Control. In:4th European Symposium on Research in computer Security, Rome, Italy,1996.25-27.
[62]D F Ferraiolo, D R Kuhn. Role-based access control [A]. In Proc.of 15th National Computer Security Conference[C].October,1992,554-563.
[63]鲁建锋,卢正鼎.访问控制策略的安全与效用优化方法研究[博士学位论文].武汉,华中科技大学,2010.
[64]PARK J, SANDHU R. Usage Control:A vision for next generation access control [C]. International Workshop on Mathematical Methods, Models and Architectures for Computer Networks Security,2003,2(1):17-31
[65]PARK J, SANDHU R. The UCONABC usage control model[J].ACM Transactions on Information and Systems Security,2004,7(1):128-174.
[66]俞银燕,汤帜.数字版权保护技术研究综述.计算机学报,2005,28(12):1957-1968.
[67]Kwok S.H, Lui S.M. A license management model to support B2C and C2C music sharing.In: Proceedings of the 10th International World Wide Web Conference (W WW 10), Hong Kong, 2001:136-137.
[68]Kwok S.H, Lui S.M. A license management model for peer-to-peer music sharing. International Journal of information Technology and Decision Making,2002,1(3):541-558.
[69]D.Boneh and X.Boyen. Secure Identity Based Encryption without Random Oracles. In CRYPTO 2004, LNCS3027,2004,443-459.
[70]Diffie W, Hellman M E. New directions in cryptography [J]. IEEE Trans on Information Theory, 1976,22(6):644-654.
[71]Boneh D. The decision Diffie-Hellman problem [G]//LNCS 1423:Proc of the 3rd Int Symp on Algorithmic Number Theory. Berlin:Springer,1998:48-63.
[72]Boneh D, Franklin M. Identity-based encryption from the Weil pairing [J]. SLAM Journal of Computing,2000,32(3):586-615.
[73]A. Shamir. Identity based cryptosystems and signature scheme. In proc. Of CRYPTO'84, LNCS. Vol.196, Springer-Verlag,47-53,1984.
[74]D.M.Wallner, E.J.Harder and R.C. Agee. Key management for multieast:Issues and architectures.1999.
[75]C.K.Wong, M.Gouda and S.S. Lam. Secure group communications using key graphs. IEEE Tran. Networks.2000, Vol 8(8):16-30.
[76]M.Waldvogel, G.Caronni, D.Sun, N.Weiler and B.Plattner. The versa key framework:versatile group key management. IEEE Journal on Selected Areas in Communications (Special Issue on Middleware),1999, Vol 17:(9),1614-1631.
[77]A.T. Sherman and D.A. McGrew. Key establishment in large dynamic groups using One-way function trees. IEEE Transactions on Software Engineering,2003,Vol 29:(5) 444-458.
[78]Dinsmore P T, Balenson D M, Heyman Met al. Policy-based security management for large dynamic groups:An overview of the DCCM project. In:Proc the DARPA Information Survivability Conference & Exposition, SC, USA,2000.64-73.
[79]Yongquan Cai, Xiuying Li. An Improved Identity-based Fault-tolerant Conference Key Distribution Scheme. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, IEEE Computer Society,2007,345-349.
[80]A. Shamir. How to share a secret, Communications of ACM,24(11), pp.612-613,1979.
[81]R.J. McEliece and D.V. Sarwate. On sharing secrets and Reed-Solomon codes. Communication of ACM,26(9), pp.583-584,1981.
[82]M. Bellare and P. Rogaway. Random oracles are practical:a paradigm for designing efficient protocols. In Proc. of the 1st ACM Conference on Computer and Communication Security (CCS),1993,62-73.
[83]Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. In Proceedings of the STOC1998, Texas, USA,1998:209-218.
[84]冯登国.可证明安全性理论与方法研究.软件学报,2005,16(10):1743-1756.
[85]Shao J, Cao Z. CCA-secure proxy re-encryption without Pairings. In:Public Key CryPtography. LNCS 5443. Berlin:Springer-Verlag,2009,357-376.
[86]邵俊.代理重密码的研究.博士学位论文.上海:上海交通大学.2008.
[87]Weng J, Deng R H, Ding X,et al. Conditional Proxy re-encryption secure against chosen-ciphertext attack. In:ASIAN ACM Symposium on Information, Computer and Communications Security, ASIACCS,2009,322-332.
[88]翁健,陈泯融,杨艳江等.无需随机预言机的自适应攻陷模型下选择密文安全的单向代理重加密方案.中国科学:信息科学,2010,Vol 40(2):298-312
[89]G. Taban, A. A. Cardenas, and V. D. Gligor. Towards a secure and interoperable DRM architecture. In Proceedings of the 6th ACM workshop on Digital Rights Management,2006, 69-78.
[90]D.-W. Nam, J.-S. Lee and J.-H. Kim. Interlock system for DRM interoperability of streaming contents. In Proceedings of IEEE International Symposium on Consumer Electronics 2007 (ISCE 2007),2007.
[91]Sangho L, Heejin P, Jong K. A secure and mutual-profitable DRM interoperability scheme. In: Computers and Communications (ISCC),2010,75-80.
[92]Qin Q, Zhi T, Yinyan Y. A decentralized authorization scheme for DRM in P2P file-sharing systems. In:Consumer Communications and Networking Conference(CCNC),2011,136-140.
[93]Beimel A. Secure schemes for secret sharing and key distribution [D]. Technion:Israel Institute of Technology,1996.
[94]H.Anton and C.Rorres. Elementary Linear Algebra,9th Edition.2005.
[95]Sahai A, Waters B. Fuzzy identity-based encryption. In:Cramer R,ed. Advances in Cryptology-EUROCRYPT 2005. Berlin, Heidelberg:Springer-Verlag,2005.457-473.
[96]Goyal V, Pandey O, Sahai A, Waters B. Attribute-Based encryption for fine-grained access control of encrypted data. In:Proceeding of the 13th ACM Conference on Computer and Communications Security. New York:ACM Press,2006,89-98.
[97]Yu S, Ren K, Lou W. Attribute-Based content distribution with hidden policy. In:Proceeding of the 4th Workshop on Secure Network Protocols(NPSec).Orlando:IEEE Computer Society,2008.39-44.
[98]Traynor P, Butler K,Enck W, Mcdaniel P. Realizing massive-scale conditional access systems through attribute-based cryptosystems. In:Proceeding of the 15th Annual Network and Distributed System Security Symp.(NDSS 2008).San Diego:USENIX Association,2008.1-13.
[99]Cheung L,Newport C.Provably secure ciphertext policy ABE.In:Proc. of the ACM Conf. on Computer and Communications Security. New York:ACM Press,2007.456-?465.
[100]Cheung L, Cooley JA, Khazan R, Newport C. Collusion-Resistant group key management using attribute-based encryption.http://eprint.iacr.org/2007/161.pdf
[101]Yu S, Ren K, Lou W. Attribute-Based on-demand multicast group setup with membership anonymity. Computer Networks,2010,54(3):377-386.
[102]Baden R, Bender A, Spring N, Bhattacharjee B, Starin D. Persona:An online social network with user-defined privacy. In:Proceeding of the ACM SIGCOMM 2009 Conference on Data Communication. New York:ACM Press,2009.135-146.
[103]Bethencourt J, Sahai A., Waters B. Ciphertext-policy attribute-based encryption. In:IEEE Symposium on Security and Privacy, IEEE Computer Society.2007,321-334.
[104]Rafail Ostrovsky, Amit Sahai, and Brent Waters. Attribute-based encryption with non-monotonic access structures. In ACM Conference on Computer and Communications Security,2007,195-203.
[105]Ling Cheung, Calvin Newport. Provably secure ciphertext policy ABE. In ACM Conference on Computer and Communications Security,2007,456-465.
[106]Bethencourt J, Sahai A., Waters B. Ciphertext-policy attribute-based encryption. In:IEEE Symposium on Security and Privacy, IEEE Computer Society.2007,321-334.
[107]Vipul Goyal, Abhishek Jain, Omkant Pandey, and Amit Sahai. Bounded ciphertext policy attribute based encryption. In ICALP(2),2008,579-591.
[108]Ibraimi L, Asim M, retkovic M. An encryption scheme for a secure policy updating. In: proceeding of the 2010 International Conference on Security and Cryptography (SECRYPT), Athens, Greece,2010.
[109]Amos Beimel. Secure Schemes for Secret Sharing and Key Distribution[D], Israel Institute of Technology,Technion,Haifa,Israel,1996.
[110]Biham E. New Types of cryptanalytic attacks using related keys[M]. Springer-Verlag,1993, 398-409.
[111]Cheung S.C, Curreern H. Rights protection for digital contents redistribution over the Internet. In:Proceedings of the 26th Annual International Computer Software and Applications Conference(COMPSAC'02), IEEE Computer Society, Oxford, UK,2002,105-110.