智能电网是结合双向通信技术融合各种电力设备的新型电力系统框架,智能电网中的业务数据包含敏感和私人信息,需要直接在数据层面实施细粒度的访问控制。本文提出了一种基于国密算法的智能电网数据密文策略属性基加密(CP-ABE)方案,通过在SM9-IBE算法的系统主密钥、系统公钥和用户私钥中增加了属性相关的组件,并在密文中引入了阈值树形式的访问结构,将SM9-IBE算法扩展为支持细粒度访问控制的CP-ABE算法,进而加密SM4分组密码算法密钥。只有符合访问策略的用户才能解密并获取对称密钥,而且方案能够抵抗合谋攻击。

Smart grid is a new power system framework that combines bidirectional communication technology and various electrical devices. The business data in the smart grid contains sensitive and private information, and thus fine-grained access control needs to be directly implemented at the data level. This paper proposes a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) scheme for smart grid data based on Chinese national cryptography. By adding attribute related components to the system master key, system public key, and user secret key of the SM9-IBE algorithm, and introducing an access structure in the form of threshold tree to the ciphertext, the SM9-IBE algorithm is extended to support fine-grained access control in the CP-ABE scheme, which thereby encrypts the SM4 block cipher key. Only users who comply with the access policy can decrypt and obtain this symmetric key. Moreover, the scheme can resist collusion attacks.

TP391