UCAP：云计算中一种PCL安全的用户认证协议

doi:10.11959/j.issn.1000-436x.2018147

通信学报 ›› 2018, Vol. 39 ›› Issue (8): 94-105.doi: 10.11959/j.issn.1000-436x.2018147

UCAP：云计算中一种PCL安全的用户认证协议

李学峰^1,²,张俊伟²,马建峰²

¹ 青海广播电视大学教育信息技术与资源建设中心，青海西宁 810008
² 西安电子科技大学计算机学院，陕西西安 710071

修回日期:2018-07-01 出版日期:2018-08-01 发布日期:2018-09-13
作者简介:李学峰（1975-），男，安徽宿州人，青海广播电视大学副教授，“西部之光”访问学者（在西安电子科技大学访学），主要研究方向为密码学、协议设计与形式化分析等。|张俊伟（1982-），男，陕西西安人，博士，西安电子科技大学副教授，主要研究方向为密码学、网络安全等。|马建峰（1963-），男，陕西西安人，博士，西安电子科技大学教授、博士生导师，主要研究方向为信息安全、密码学与无线网络安全等。
基金资助:
国家自然科学基金资助项目(61472310);国家自然科学基金资助项目(61372075);国家高技术研究发展计划（“863计划”）基金资助项目(2015AA016007);青海社会科学规划课题基金资助项目(16034)

UCAP:a PCL secure user authentication protocol in cloud computing

Xuefeng LI^1,²,Junwei ZHANG²,Jianfeng MA²

¹ Education Information Technology and Resource Construction Center,Qinghai Radio ＆Television University,Xining 810008,China
² School of Computer Science ＆Technology,Xidian University,Xi’an 710071,China

Revised:2018-07-01 Online:2018-08-01 Published:2018-09-13
Supported by:
The National Natural Science Foundation of China(61472310);The National Natural Science Foundation of China(61372075);The National High Technology Research and Development Program of China (863 Program)(2015AA016007);The Social Science Planning Project of Qinghai(16034)

摘要/Abstract

摘要：

云计算利用网络使 IT 服务变得弹性可变，如果用户需要登录到云端来使用服务与应用，系统需要确保使用者的身份合法，才能为其服务。为此，提出一种面向云计算协议组合逻辑（PCL,protocol composition logic）安全的用户认证协议（UCAP）。UCAP引入了可信第三方，使用基于对称加密密钥的认证方法，确保参与认证双方的相互认证，实现协议会话的认证性和密钥机密性。协议主要分成2个阶段：初始认证阶段，由可信第三方生成根会话密钥后，认证双方相互认证；重认证阶段，不需要可信第三方的参与，认证双方快速生成子会话密钥并实现相互认证。在协议组合逻辑模型下给出所提协议的形式化描述并利用顺序组合证明方法分析了所提协议的安全属性。同其他相关协议比较及实验分析表明，UCAP在不影响安全性的前提下，提高了用户认证的通信与计算效率，不但在重认证阶段不依赖可信第三方，而且整个过程不依赖可信第三方同步时钟。

关键词: 云计算, 用户认证, 协议组合逻辑, 机密性, 相互认证

Abstract:

As the combine of cloud computing and Internet breeds many flexible IT services,cloud computing becomes more and more significant.In cloud computing,a user should be authenticated by a trusted third party or a certification authority before using cloud applications and services.Based on this,a protocol composition logic (PCL) secure user authentication protocol named UCAP for cloud computing was proposed.The protocol used a symmetric encryption symmetric encryption based on a trusted third party to achieve the authentication and confidentiality of the protocol session,which comprised the initial authentication phase and the re-authentication phase.In the initial authentication phase,the trusted third party generated a root communication session key.In the re-authentication phase,communication users negotiated a sub session key without the trusted third party.To verify the security properties of the protocol,a sequential compositional proof method was used under the protocol composition logic model.Compared with certain related works,the proposed protocol satisfies the PCL security.The performance of the initial authentication phase in the proposed scheme is slightly better than that of the existing schemes,while the performance of the re-authentication phase is better than that of other protocols due to the absence of the trusted third party.Through the analysis results,the proposed protocol is suitable for the mutual authentication in cloud computing.

Key words: cloud computing, user authentication, protocol composition logic, confidentiality, mutual authentication

中图分类号:

TP309

李学峰,张俊伟,马建峰. UCAP：云计算中一种PCL安全的用户认证协议[J]. 通信学报, 2018, 39(8): 94-105.

Xuefeng LI,Junwei ZHANG,Jianfeng MA. UCAP:a PCL secure user authentication protocol in cloud computing[J]. Journal on Communications, 2018, 39(8): 94-105.

图/表 9

图1

表1

A、B、S角色执行动作Cord的描述"

第一阶段：初始认证阶段	第二阶段：重认证阶段
$U C A P_{1 A} = [< (v R_{A}) \hat{A}, \hat{B}, I D_{A}, {R_{A}, I D_{A}, I D_{B}}_{A_S} > (\hat{S}, \hat{A}, {z, w, R_{B}})$	$U C A P_{2 A} = [< (v R'_{A}) \hat{A}, \hat{B}, I D_{A}, {I D_{A}, K, T_{B}, E X P}_{B_S} >$
$(z / {K, I D_{B}, R_{A}, T_{B}, E X P}_{\bar{A_S}}) < \hat{A}, \hat{B}, w, u (u / {R_{B}}_{\bar{K}}) >]_{A}$	$(\hat{B}, \hat{A}, {I D_{B}, R'_{B}, u'}) (u' / {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{\bar{K'}}),$
	$< (\hat{A}, \hat{B}, {R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{K'} (K' / H a s (K, R'_{A}, R'_{B})) >]_{A}$
$U C A P_{1 B} = [(I D_{A}, x), < (v R_{B}) \hat{B}, \hat{S}, I D_{B}, I D_{A} {x, T_{B}, I D_{A}, E X P}_{B_S}, R_{B} >$	$U C A P_{2 B} = [(\hat{A}, \hat{B}, w) (v R'_{B}) (w / {K, A, T_{B}, I D_{A} E X P}_{\bar{K}}),$
$(\hat{A}, \hat{B}, w, u) (w / {K, I D_{A}, T_{B}, E X P}_{\bar{B_S}}) (u / {R_{B}}_{\bar{K}})]_{B}$	$< (\hat{B}, \hat{A}, {I D_{B}, R' {}_{B}, {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{K'}}) >,$
	$(\hat{A}, \hat{B}, {u''} (K' / H a s (K', R'_{A}, R'_{B})) (u'' / {R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{\bar{K}'}))]_{B}$
$U C A P_{1 S} = [(\hat{B}, \hat{S}, {I D_{B}, y, R_{B}, E X P}) (x / {R_{A}, I D_{A}, I D_{B}}_{\bar{A_S}})$
$(y / {x, T_{B}}_{\bar{B_S}}) (I D_{B} / \hat{B}) < (v K) \hat{S}, \hat{A}, {z, w, R_{B}} >]_{S}$

表1

表2

UCAP的前提条件"

第一阶段UCAP₁的前提条件	第二阶段UCAP₂的前提条件
$θ_{U C A P_{1}} = H a s (A, A_S) \land H a s (B, B_S) \land H a s (S, A_S) \land H a s (S, B_S)$	$θ_{U C A P_{2}} = H a s (A, B_S) \land H a s (B, B_S) \land H a s (B, K) \land H a s (A, K)$

表2

表3

UCAP安全属性"

第一阶段UCAP₁的安全属性	第二阶段UCAP₂的安全属性
$ϕ_{U C A P_{1. a u t h}} = H o n e s t (\hat{A}) \land H o n e s t (\hat{B}) \land H o n e s t (\hat{S}) \supset \exists B . A c t i o n I n O r d e r ($	$ϕ_{U C A P_{2 .auth}} = H o n e s t (\hat{A}) \land H o n e s t (\hat{B})) \supset \exists B . A c t i o n I n O r d e r ($
$S e n d (A, {\hat{A}, \hat{B}, I D_{A}, {R_{A}, I D_{A}, I D_{B}}_{A_S}}),$	$S e n d (A, {\hat{A}, \hat{B}, I D_{A}, R'_{A}, {I D_{A}, K, T_{B}, E X P}_{B_S}}),$
$R e c e i v e (B, {\hat{A}, \hat{B}, A, {R_{A}, I D_{A}, I D_{B}}_{A_S}}),$	$R e c e i v e (B, {\hat{A}, \hat{B}, I D_{A}, R'_{A}, {I D_{A}, K, T_{B}, E X P}_{B_S}),$
$S e n d (B, {\hat{B}, \hat{S}, I D_{B}, {R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, I D_{A}, R_{B}),$	$S e n d (B, {\hat{B}, \hat{A}, I D_{B}, R'_{B}, {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{K'}}),$
$R e c e i v e (S, {\hat{B}, \hat{S}, I D_{B}, I D_{A}, {R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, R_{B}),$	$R e c e i v e (A, {\hat{B}, \hat{A}, I D_{B}, R'_{B}, {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{K'}}),$
$S e n d (S, {\hat{S}, \hat{A}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S}, {K, I D_{A}, T_{B}, E X P}_{B_S}}, R_{B}),$	$S e n d (A, {\hat{A}, \hat{B}, {R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{K'}),$
$R e c e i v e (A, {\hat{S}, \hat{A}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S}, {K, I D_{B}, T_{B}, E X P}_{B_S}}, R_{B}),$	$R e c e i v e (B, {\hat{A}, \hat{B}, {R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{K'})$
$S e n d (A, {\hat{A}, \hat{B}, {K, I D_{A}, T_{B}, E X P}_{B_S}, {R_{B}}_{K}}),$
$R e c e i v e (B, {\hat{A}, \hat{B}, {{K, I D_{A}, T_{B}, E X P}_{B_S}, {R_{B}}_{K}})$
$ϕ_{U C A P_{1. \sec}} = H o n e s t (\hat{A}) \land H o n e s t (\hat{B}) \land H o n e s t (\hat{S}) \supset$	$ϕ_{U C A P_{2. \sec}} = H o n e s t (\hat{A}) \land H o n e s t (\hat{B}) \supset (H a s (Z, K)) \supset$
$(H a s (Z, K)) \land Z \neq \hat{S} \supset (Z = \hat{A} \lor Z = \hat{B}) \land H a s (\hat{A}, K) \land H a s (\hat{B}, K)$	$(Z = \hat{A} \lor Z = \hat{B}) \land H a s (\hat{A}, K') \land H a s (\hat{B}, K')$

表3

表4

UCAP的不变量"

第一阶段UCAP₁的不变量	第二阶段UCAP₂的不变量
$Γ_{U C A P, 1} = = H o n e s t (\hat{A}) \supset ((◇ S e n d (A, x_{0}) \land$	$Γ_{U C A P, 5} = = H o n e s t (\hat{A}) \supset ((◇ S e n d (A, x'_{0}) \land$
$C o n t a i n s (x_{0}, {R_{A}, I D_{A}, I D_{B}}_{A_S})$	$C o n t a i n s (x_{0}, {I D_{A}, K, T_{B}, E X P}_{B_S}) \land \neg ◇ F r e s h (A, R'_{A})) \supset$
$\land \neg ◇ F r e s h (\hat{A}, R_{A})) \supset ((x_{0} = {\hat{A}, \hat{B}, {K, I D_{A}, T_{B}, E X P}_{B_S}},$	$((x_{0} = {\hat{A}, \hat{B}, {K, I D_{A}, T_{B}, E X P}_{B_S}} \land A f t e r$
${R_{B}}_{K}, {R_{A}, I D_{A}, I D_{B}}_{A_S}) \land A f t e r$	$(R e c e i v e (A, {\hat{B}, \hat{A}, R'_{A} {K, \hat{A}, T_{B}, E X P}_{B_S}})), K^{'} = H a s ({R^{'}}_{B} \| \| K \| \| {R^{'}}_{A})$
$(Re c e i v e (A, {\hat{S}, \hat{A}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S},$	$S e n d (A, {\hat{A}, \hat{B}, {R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{K'}))$
$S e n d (A, {\hat{A}, \hat{B}, {K, I D_{B}, T_{B}, E X P}_{B_S}}, {R_{B}}_{K}))$	$Γ_{U C A P, 6} = H o n e s t (\hat{B}) (\exists B ◇ S e n d (B, y_{0}) \land$
	$C o n t a i n s (y_{0}, {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{K'}))$
$Γ_{U C A P, 2} = H o n e s t (\hat{B}) (\exists B ◇ S e n d (B, y_{0}) \land$	$\supset ((y_{0} = {R'_{A}, I D_{A}, I D_{B}, R'_{B}}_{K'}) \land ◇ F r e s h (B, R'_{B}) \land$
$C o n t a i n s (y_{0}, {{R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S})) \supset$	$A f t e r (R e c e i v e (B, {\hat{A}, \hat{B}, {I D_{A}, K, T_{B}, E X P}_{B_S}})),$
$((y_{0} = {\hat{A}, \hat{B}, I D_{A}, {R_{A}, I D_{A}, I D_{B}}_{A_S}, {{R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, R_{B})$	$S e n d (B, {\hat{B}, \hat{A}, {{R'_{B}, I D_{A}, I D_{B}, R'_{A}}_{K'}}))$
$\land ◇ F r e s h (B, R_{B}) \land ◇ F r e s h (B, T_{B}) \land$	$Γ_{U C A P, 7} = (H a s (X', K) \supset \neg ((S e n d (X', m) \land C o n t a i n s (m, K'))$
$A f t e r (R e c e i v e (B, {\hat{A}, \hat{B}, I D_{A}, {R_{A}, I D_{A}, I D_{B}}_{A_S}})),$	$\land H a s (\hat{A}, K') \land H a s (\hat{B}, K'))$
$S e n d (B, {\hat{B}, \hat{S}, I D_{B}, I D_{A}, {{R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, R_{B}}))$	$Γ_{U C A P_{2}} = Γ_{U C A P, 5} \land Γ_{U C A P, 6} \land Γ_{U C A P, 7}$
$Γ_{U C A P, 3} = H o n e s t (\hat{S}) (◇ S e n d (S, z_{0}) \land$
$C o n t a i n s (z_{0}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S}, {K, I D_{A}, T_{B}, E X P}_{B_S}))$
$\land ⊖ F r e s h (S, K) \supset ((z_{0} = {\hat{B}, \hat{S}, I D_{B}, {{R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, R_{B}},$
${\hat{S}, \hat{A}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S}, {K, I D_{A}, T_{B}, E X P}_{B_S}, R_{B}} \land$
$A f t e r (R e c e i v e (S, {\hat{B}, \hat{S}, I D_{B}, I D_{A}, {{R_{A}, I D_{A}, I D_{B}}_{A_S}, T_{B}}_{B_S}, R_{B}})),$
$S e n d (S, {\hat{S}, \hat{A}, {K, I D_{B}, R_{A}, T_{B}, E X P}_{A_S}, {K, I D_{A}, T_{B}, E X P}_{B_S}, R_{B}}))$
$Γ_{U C A P, 4} = (H a s (X, K) \supset$
$\neg ((S e n d (X, m) \land C o n t a i n s (m, K)) \land H a s (\hat{A}, K) \land$
$H a s (\hat{B}, K) \land H a s (\hat{S}, A_S) \land H a s (\hat{S}, B_S))$
$Γ_{U C A P_{1}} = Γ_{U C A P, 1} \land Γ_{U C A P, 2} \land Γ_{U C A P, 3} \land Γ_{U C A P, 4}$

表4

表5

表6

表7

图2

参考文献 25

[1]	林闯, 苏文博, 孟坤 ,等. 云计算安全:架构,机制与模型评价[J]. 计算机学报, 2013,36(9): 1765-1784.
	LIN C , SU W B , MENG K ,et al. Cloud computing security:architecture ,mechanism and modeling[J]. Chinese Journal of Computers, 2013,36(9): 1765-1784.
[2]	KANDUKURI B R , RAKSHIT A . Cloud security issues[C]// IEEE International Conference on Services Computing. 2009: 517-520.
[3]	XIAO Z , XIAO Y . Security and privacy in cloud computing[J]. IEEE Communications Surveys ＆ Tutorials, 2013,15(2): 843-859.
[4]	BOYKO V , MACKENZIE P , PATEL S . Provably secure password-authenticated key exchange using Diffie-Hellman[C]// International Conference on the Theory and Applications of Cryptographic Techniques. 2000: 156-171.
[5]	MACKENZIE P , PATEL S , SWAMINATHAN R . Password-authenticated key exchange based on RSA[C]// International Conference on the Theory and Application of Cryptology and Information Security. 2000: 599-613.
[6]	BERTINO E , PACI F , FERRINI R ,et al. Privacy-preserving digital identity management for cloud computing[J]. Bulletin of the Technical Committee on Data Engineering, 2009,32(1): 21-27.
[7]	BRAINARD J , JUELES A , KALISKI B S ,et al. A new two-server approach for authentication with short secret[C]// The 12th Conference USENIX Security. 2003: 201-214.
[8]	KOHL J , NEUMAN C . The Kerberos network authentication service (v5)[R]. 1993.
[9]	HOJABRI M , . Innovation in cloud computing:implementation of Kerberos version5 in cloud computing in order to enhance the security issues[C]// 2013 International Conference on Information Communication and Embedded Systems (ICICES). 2013: 452-456.
[10]	ZISSIS D , LEKKAS D . Addressing cloud computing security issues[J]. Future Generation Computer Systems, 2012,28(3): 583-592.
[11]	BINU S , MISBAHUDDIN M , RAJ P . A mobile based remote user authentication scheme without verifier table for cloud based services[C]// The Third International Symposium on Women in Computing and Informatics. 2015: 502-509.
[12]	DATTA A . Security analysis of network protocols:compositional reasoning and complexity-theoretic foundations[D]. Stanford University, 2005.
[13]	ZHNG J , MA J F , YANG C . Protocol derivation system for the needham-schroeder family[J]. Security and Communication Networks, 2015,8(16): 2687-2703.
[14]	DATTA A , DEREK A , MITCHELL J C ,et al. Protocol composition logic (PCL)[J]. Electronic Notes in Theoretical Computer Science, 2007,172: 311-358.
[15]	ZHANG H , CHEN L . An efficient authentication protocol of WLAN and its security proof[C]// The 2008 International Conference on Communications and Networking. 2008: 1133-1137.
[16]	HE C , SUNDARARAJAN M , DATTA A ,et al. A modular correctness proof of IEEE 802.11i and TLS[C]// The 12th ACM conference on Computer and communications security. 2005: 2-15.
[17]	王丽丽, 冯涛, 马建峰 . 协议组合逻辑安全的 4G 无线网络接入认证方案[J]. 通信学报, 2012,33(4): 77-84.
	WANG L L , FENG T , MA J F . Secure access authentication scheme for 4G wireless network based on PCL[J]. Journal on Communications, 2012,33(4): 77-84.
[18]	URIEN P , MARIE E , KIENNERT C . An innovative solution for cloud computing authentication:grids of EAP-TLS smart cards[C]// 2010 Fifth International Conference on Digital Telecommunications (ICDT). 2010: 22-27.
[19]	LI C T , LEE C W , SHEN J J . A secure three-party authenticated keyexchange protocol based on extended chaotic maps in cloud storage service[C]// The 2015 International Conference on Information Networking (ICOIN). 2015: 31-36.
[20]	ZISSIS D , LEKKAS D . Addressing cloud computing security issues[J]. Future Generation Computer Systems, 2012,28(3): 583-592.
[21]	YIN X C , LIU Z G , LEE H J . An efficient and secured data storage scheme in cloud computing using ECC-based PKI[C]// 2014 16th International Conference on Advanced Communication Technology(ICACT). 2014: 523-527.
[22]	YAN L , RONG C , ZHAO G . Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography[C]// IEEE International Conference on Cloud Computing. 2009: 167-177.
[23]	GOEL A , GUPTA G , BHUSHAN M ,et al. Identity management in hybrid cloud[C]// 2015 International Conference on Green Computing and Internet of Things (ICGCIoT). 2015: 1096-1100.
[24]	YANG J H , LIN P Y . An ID-based user authentication scheme for cloud computing[C]// 2014 Tenth International Conference on Intelligent Information Hiding and Multimedia Signal (IIH-MSP). 2014: 98-101.
[25]	QIAN L , LUO Z , DU Y ,et al. Cloud computing:an overview[M]// Springer Berlin Heidelberg, 2009: 626-631.

协议	F₁	F₂	F₃	F₄	F₅	F₆	F₇	F₈
3PAKE	Y	Y	N	N	Y	N	Y	Y
EPP	Y	N	N	N	Y	N	Y	Y
IDP	Y	N	N	N	Y	N	N	Y
Kerberos	Y	Y	N	Y	Y	Y	N	Y
UCAP	Y	N	Y	Y	Y	Y	Y	Y

协议	用户		CSP		TTP		总计			CN
协议	IC	RC	IC	RC	IC	RC	IC	RC	IC	RC
Kerberos	3D+3E	3D+3E	2E	2E	3D+3E	3D+3E	6D+8E	6D+8E	6		6
3PAKE	4C+2H	4C+2H	4C+2H	4C+2H	5C	5C	13C+4H	13C+4H	5		5
EPP	Ec+3H+Kp+Dp	Ec+3H+Kp+Dp	Ec+3H+Kp+Dp	Ec+3H+Kp+Dp	2Ec+6H+2Kp+2Dp	2Ec+6H+2Kp+2Dp	4Ec+12H+4Kp+4Dp	4Ec+12H+4Kp+4Dp	5		5
IDP	12H+2M+1G+1R+2E+D	12H+2M+1G+1R+2E+D	8H+D+E	8H+D+E	6H+M+G+R	6H+M+G+R	26H+3M+2G+2R+3E+2D	26H+3M+2G+2R+3E+2D	7		7
UCAP	D+2E	E	2D+E	2D+E+H	2D+2E	—	5D+5E	2D+2E+H	4		3

协议	用户	CSP	TTP	总计
Kerberos	366	188	366	920
3PAKE	236	236	190	662
EPP	696	696	1 392	2 784
IDP	792	458	324	1 574
UCAP	155	171	122	448

UCAP：云计算中一种PCL安全的用户认证协议

UCAP:a PCL secure user authentication protocol in cloud computing

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 9

参考文献 25

相关文章 15

Metrics

推荐阅读 0

[1]	马玲, 樊漆亮, 许婷, 郭冠琛, 张圣林, 孙永谦, 张玉志. 基于强化学习的在线离线混部云环境下的调度框架[J]. 通信学报, 2023, 44(6): 90-102.
[2]	王圣宝, 周鑫, 文康, 翁柏森. 适用于智能电网的三方认证密钥交换协议[J]. 通信学报, 2023, 44(2): 210-218.
[3]	王化群, 刘哲, 何德彪, 李继国. 公有云中身份基多源IoT终端数据PDP方案[J]. 通信学报, 2021, 42(7): 52-60.
[4]	张键红, 武梦龙, 王晶, 刘沛, 姜正涛, 彭长根. 云环境下安全的可验证多关键词搜索加密方案[J]. 通信学报, 2021, 42(4): 139-149.
[5]	李瑞琪, 贾春福, 王雅飞. 基于NTRU的多密钥同态代理重加密方案及其应用[J]. 通信学报, 2021, 42(3): 11-22.
[6]	张嘉伟, 马建峰, 马卓, 李腾. 云计算中基于时间和隐私保护的可撤销可追踪的数据共享方案[J]. 通信学报, 2021, 42(10): 81-94.
[7]	王文娟, 杜学绘, 单棣斌. 基于动态概率攻击图的云环境攻击场景构建方法[J]. 通信学报, 2021, 42(1): 1-17.
[8]	田有亮,骆琴. 基于改进Merkle-Tree认证方法的可验证多关键词搜索方案[J]. 通信学报, 2020, 41(9): 118-129.
[9]	王娜,郑坤,付俊松,李剑. 基于分块的移动边缘计算密文检索方法[J]. 通信学报, 2020, 41(7): 95-102.
[10]	赵临东,庄文芹,陈建新,周亮. 异构蜂窝网络中分层任务卸载：建模与优化[J]. 通信学报, 2020, 41(4): 34-44.
[11]	梁冰,纪雯. 基于次模优化的边云协同多用户计算任务迁移方法[J]. 通信学报, 2020, 41(10): 25-36.
[12]	苏命峰,王国军,李仁发. 基于利益相关视角的多维QoS云资源调度方法[J]. 通信学报, 2019, 40(6): 102-115.
[13]	陈兴蜀,滑强,王毅桐,葛龙,朱毅. 云环境下SDN网络低速率DDoS攻击的研究[J]. 通信学报, 2019, 40(6): 210-222.
[14]	王万良, 臧泽林, 陈国棋, 屠杭垚, 王宇乐, 陆琳彦. 大规模云计算服务器优化调度问题的最优二元交换算法研究[J]. 通信学报, 2019, 40(5): 180-191.
[15]	王田,沈雪微,罗皓,陈柏生,王国军,贾维嘉. 基于雾计算的可信传感云研究进展[J]. 通信学报, 2019, 40(3): 170-181.