A Quantum Authorization Management Protocol Based on EPRPairs

作     者：Yan Chang Shibin Zhang Lili Yan Guihua Han Haiquan Song Yan Zhang Xueyang Li Qirun Wang 

作者机构：College of Information Security EngineeringChengdu University of Information TechnologyChengdu610225China School of engineering and technologyUniversity of HertfordshireHertfordUK 

出 版 物：《Computers, Materials & Continua》 (计算机、材料和连续体（英文）)

年 卷 期：2019年第59卷第6期

页      面：1005-1014页

核心收录：

学科分类：0831[工学-生物医学工程（可授工学、理学、医学学位）] 0808[工学-电气工程] 0809[工学-电子科学与技术（可授工学、理学学位）] 08[工学] 0805[工学-材料科学与工程（可授工学、理学学位）] 0701[理学-数学] 0801[工学-力学（可授工学、理学学位）] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：Application Foundation Project of Sichuan Province of China, (2017JY0168) Fund for Middle and Young Academic Leaders of CUIT, (J201511) Sichuan academic and technical leaders training funding support projects, (2016120080102643) Sichuan innovation, (17TD0009) National Natural Science Foundation of China, NSFC, (61402058, 61572086) National Key Research and Development Program of China, NKRDPC, (2017YFB0802302) 

主　　题：Quantum authorization management entanglement swapping fin-grained rights division 

摘      要：Quantum authorization management(QAM)is the quantum scheme for privilege management infrastructure(PMI)problem.Privilege management(authorization management)includes authentication and authorization.Authentication is to verify a user’s identity.Authorization is the process of verifying that a authenticated user has the authority to perform a operation,which is more fine-grained.In most classical schemes,the authority management center(AMC)manages the resources permissions for all network nodes within the jurisdiction.However,the existence of AMC may be the weakest link of the whole scheme.In this paper,a protocol for QAM without AMC is proposed based on entanglement swapping.In this protocol,Bob(the owner of resources)authenticates the legality of Alice(the user)and then shares the right key for the resources with Alice.Compared with the other existed QAM protocols,this protocol not only implements authentication,but also authorizes the user permissions to access certain resources or carry out certain actions.The authority division is extended to fin-grained rights division.The security is analyzed from the four aspects:the outsider’s attack,the user’s attack,authentication and comparison with the other two QAM protocols.