English  |  正體中文  |  简体中文  |  Items with full text/Total items : 43312/67235
Visitors : 2049852      Online Users : 3
RC Version 5.0 © Powered By DSPACE, MIT. Enhanced by NTU/NCHU Library IR team.

Please use this identifier to cite or link to this item: http://nchuir.lib.nchu.edu.tw/handle/309270000/154546

標題: 雲端環境下重加密技術之研究
A Study of Re-encryption Scheme in Cloud Environment
作者: 鍾佩珊
Chung, Pei-Shan
Contributors: 黃明祥
資訊管理學系所
關鍵字: 雲端運算;資料儲存;重加密;資料機密性
Cloud computing;data storage;re-encryption;data confidentiality
日期: 2013
Issue Date: 2013-11-21 10:49:32 (UTC+8)
Publisher: 資訊管理學系所
摘要: 隨著網際網路技術的發展,雲端運算的觀念也隨之出現。透過網際網路的低成本與便利性,雲端可以提供眾多服務給使用者,大致上分為:架構即服務、平台即服務、軟體即服務以及儲存即服務(Storage as a Service),而在這些服務當中,儲存即服務讓使用者利用雲端提供的儲存空間存取資料,在任何有網路的地點就可以下載檔案,不受空間時間的限制,也因為這樣的便利性,使得雲端儲存服務儼然成為重要的服務之ㄧ。在雲端儲存服務中,為了保護資料的機密性並同時達到資料的完整性,重加密是一項重要的技術。重加密技術可以被分類為兩種,無代理者的重加密技術與透過代理者的重加密技術。無代理者的重加密技術指的是由資料擁有者執行重加密運算,而透過代理者的重加密技術指的是由資料擁有者委託重加密權限給雲端去進行重加密運算。
在本研究中,根據重加密技術的分類,提出兩種不同的重加密技術。本研究從無代理者的重加密技術開始介紹,此方法是基於完整性與機密性金鑰管理方法(IC-Lock Scheme),且為了驗證資料完整性,資料擁有者將加密檔案重新加密。在此方法中,資料擁有者不須儲存額外的解密金鑰,只需使用她的私密金鑰就可以解密檔案。接著,本研究以透過代理者的重加密技術的介紹作為結尾。此方法是基於具代理密文轉換特性之屬性加密技術(ciphertext policy attribute-based proxy re-encryption scheme),此方法的資料擁有者除了在加密運作外,可以經常保持離線狀態。在此方法中,加密檔案可以分享給其他的資料使用者,而資料使用者只需使用自己的秘密金鑰就可以將檔案解密。此外,我們會在各個重加密技術介紹完後,分析此重加密技術的安全性並與其他相關技術進行效能的比較。
The concept of cloud computing is appearing with the development of Internet technology. Through the internet, the cloud can provide many application services for users, one main issue related to cloud services is cloud storage service because of its convenience and low storage cost. Moreover, re-encryption scheme is also an important technology for data confidentiality and data integrity in data storage. Re-encryption scheme can be roughly categorized as either “without proxy” or “with proxy”. Re-encryption scheme without proxy means that the data owner executes the re-encryption operation by herself, and re-encryption scheme with proxy means that the data owner delegates the re-encryption right to the cloud and the cloud executes the re-encryption operation.
In this study, according to the types of re-encryption scheme, we proposed two different re-encryption schemes. This research started from re-encryption scheme without proxy, this proposed scheme is based on IC-Lock scheme, and the data owner would re-encrypt the encrypted data for verifying the data integrity. In this proposed scheme, the data owner just uses her own private key to decipher the encrypted data, and she doesn’t need to store additional decryption keys. In addition, re-encryption scheme with proxy was proposed as the end in this research. This proposed scheme is based on ciphertext policy attribute-based proxy re-encryption scheme, and the data owner can be always offline except encryption operation. In this proposed scheme, the encrypted data can be shared with other data users, and the data user just uses his own secret key to decipher the encrypted data. At last, we also analyze the security and compare the performance for each re-encryption scheme.
Appears in Collections:[依資料類型分類] 碩博士論文

Files in This Item:

File SizeFormat
index.html0KbHTML184View/Open


 


學術資源

著作權聲明

本網站為收錄中興大學學術著作及學術產出,已積極向著作權人取得全文授權,並盡力防止侵害著作權人之權益。如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員,將盡速為您處理。

本網站之數位內容為國立中興大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用。

聯絡網站維護人員:wyhuang@nchu.edu.tw,04-22840290 # 412。

DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU/NCHU Library IR team Copyright ©   - Feedback