电力终端基于信任和信誉的灵活数据访问控制

为了解决当前电力缴费终端身份认证和访问控制中存在的口令嗅探、重放攻击、越权操作等问题,提出了一种基于信任和信誉的灵活数据访问控制方案,结合云计算技术将其应用到电力终端设备数据访问控制中。该方案通过使用基于属性的加密和代理重加密、终端设备评估的信任级别和由多个信誉中心生成的用户信誉来共同控制电力终端的数据访问,将用户信任级别和信誉评估的概念集成到加密系统中,以支持各种控制方案和访问策略。通过对所提出方案的安全性和性能分析,证明该方案访问控制的细粒度,数据保密性良好,通信开销灵活可控,计算复杂度低,减少了电力终端设备的负担。

Flexible data-access control based on trust and reputation of power terminals

In order to solve the problems of password sniffing, replay attack and unauthorized operation in the current power payment terminal identity authentication and access control, in this paper a flexible data-access control scheme based on trust and reputation is proposed, which is applied to the power-terminal equipment data-access control in combination with cloud computing technology. The scheme controls the data access of the power terminal jointly by using attribute-based encryption and proxy re-encryption, the trust level evaluated by the terminal device and the user reputation generated by multiple reputation centers, and integrates the concept of user trust level and reputation evaluation into the encryption to support various control schemes and access strategies. Through the security and performance analysis of the proposed scheme, the fine-grained access control is proved, the data confidentiality is good, the communication overhead is flexible and controllable, the computational complexity is low, and the burden of the power terminal equipment is reduced.