Please wait a minute...
 首页  期刊介绍 期刊订阅 联系我们 横山亮次奖 百年刊庆
 
最新录用  |  预出版  |  当期目录  |  过刊浏览  |  阅读排行  |  下载排行  |  引用排行  |  横山亮次奖  |  百年刊庆
清华大学学报(自然科学版)  2016, Vol. 56 Issue (5): 504-510    DOI: 10.16511/j.cnki.qhdxxb.2016.25.008
  信息安全 本期目录 | 过刊浏览 | 高级检索 |
基于多分支路径树的云存储数据完整性验证机制
李勇1,2, 姚戈1, 雷丽楠1, 张晓菲3, 杨鲲4
1. 北京交通大学 电子信息工程学院, 北京 100044;
2. 福建师范大学 福建省网络安全与密码技术重点实验室, 福州 350007;
3. 中国信息安全测评中心, 北京 100085;
4. 中国计量科学研究院, 北京 100029
LBT-based cloud data integrity verification scheme
LI Yong1,2, YAO Ge1, LEI Linan1, ZHANG Xiaofei3, YANG Kun4
1. School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing 100044, China;
2. Fujian Provincial Key Laboratory of Network Security and Cryptology, Fujian Normal University, Fuzhou 350007, China;
3. China Information Technology Security Evaluation Center, Beijing 100085, China;
4. National Institute of Metrology, Beijing 100029, China
全文: PDF(1097 KB)  
输出: BibTeX | EndNote (RIS)      
摘要 随着云存储技术的发展, 为了节约存储成本, 越来越多的用户选择将数据存储在云端, 但同时用户也失去了对数据的控制权, 无法确保云端数据的完整性。因此, 云服务提供商(cloud service provider, CSP)需要通过一种有效的协议向用户提供数据完整性证明。目前许多方案仍存在无法支持全动态(插入、修改和删除)更新, 或方案计算、存储和通信开销大等问题。针对上述问题, 该文提出基于多分支路径树(large branching tree, LBT)的数据完整性验证机制, 通过构建结构简单的认证树, 简化动态更新过程, 实现全动态更新。实验结果表明: 该方案在动态更新过程中, 能够减少协议各实体的计算负担, 高效完成大量数据更新的云存储数据完整性验证。
服务
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章
李勇
姚戈
雷丽楠
张晓菲
杨鲲
关键词 云存储数据完整性数据持有性证明数据可恢复性证明    
Abstract:With the rapid growth of cloud storage, more and more users are choosing to store their data in the cloud to reduce storage costs. However, users then lose control of the data and the data integrity cannot be ensured. Thus, cloud service providers (CSP) need to provide proof to users that their data is secure through an efficient integrity verification protocol. A number of feasible schemes have been proposed, but they have trouble supporting fully dynamic operations including insert, modify, and delete and they have large computing, storage and communication costs. This paper presents a data integrity verification scheme based on a large branching tree (LBT). The scheme supports fully dynamic updates and simplifies the dynamic update process by constructing a simple authentication tree. Tests show that the scheme reduces the computation of burden of the entities so that the method can be efficiently applied in the cloud environment to verify data integrity with frequent update operations.
Key wordscloud storage    data integrity    provable data prossession    proofs of retrievability
收稿日期: 2016-01-22      出版日期: 2016-05-15
ZTFLH:  TP393  
引用本文:   
李勇, 姚戈, 雷丽楠, 张晓菲, 杨鲲. 基于多分支路径树的云存储数据完整性验证机制[J]. 清华大学学报(自然科学版), 2016, 56(5): 504-510.
LI Yong, YAO Ge, LEI Linan, ZHANG Xiaofei, YANG Kun. LBT-based cloud data integrity verification scheme. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 504-510.
链接本文:  
http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2016.25.008  或          http://jst.tsinghuajournals.com/CN/Y2016/V56/I5/504
  图1 LBT结构
  图2 云服务提供商构建的LBT结构
  图3 在数据块mi 后插入文件f
  表1 方案性能比较
  图4 出度树的构建时间
  图5 CSP生成证据的时间
  图6 TPA 验证时间
[1] 冯登国, 张敏, 张妍, 等. 云计算安全研究[J]. 软件学报, 2011,22(1):71-83. FENG Dengguo, ZHANG Min, ZHANG Yan, et al. Study on cloud computing security[J].Journal of Software, 2011,22(1):71-83. (in Chinese)
[2] Ateniese G, Burns R, Curtmola R. Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007). New York, USA:ACM Press, 2007:598-609.
[3] Ateniese G, Pietro R D, Mancini L, et al. Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Networks (SecureComm'08). New York, USA:ACM Press, 2008:1-10.
[4] WANG Huaqun. Identity-based distributed provable data possession in multicloud storage[J].IEEE Transactions on Services Computing, 2015,8(2):328-340
[5] Juels A, Kaliski B S. PORs:Proofs of retrievability for large files[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007). New York, USA:ACM Press, 2007:584-597.
[6] Shacham H, Waters B. Compact proofs of retrievability[C]//Proceedings of 14th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'08). Berlin, Germany:Springer-Verlag Press, 2008:90-107.
[7] 谭霜, 贾焰, 韩伟红. 云存储中的数据完整性证明研究及进展[J]. 计算机学报, 2015,38(1):164-177. TAN Shuang, JIA Yan, HAN Weihong. Research and development of provable data integrity in cloud storage[J].Chinese Journal of Computers, 2015,38(1):164-177. (in Chinese)
[8] Erway C, Kupccu A, Papamathou C, et al. Dynamic provable data possession[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009). New York, USA:ACM Press, 2009:213-222.
[9] ZHU Yan, HU Hongxin, AHN G J, et al. Efficient audit service outsourcing for data integrity in clouds[J].Journal of Systems and Software, 2012,85(5):1083-1095.
[10] ZHU Yan, HU Hongxin, AHN G J, et al. Cooperative provable data possession for integrity verification in multi-cloud storage[J].IEEE Transactions on Parallel and Distributed Systems, 2012,23(12):2231-2244.
[11] WANG Qian, WANG Cong, LI Jin, et al. Enabling public verifiability and data dynamics for storage security in cloud computing[C]//Proceedings of 14th European Symposium on Research in Computer Security (ESORICS 2009). Berlin, Germany:Springer-Verlag Press, 2009:355-370.
[12] Boneh D, Lynn B, Shacham H. Short signatures from the weil pairing[C]//Proceedings of Seventh International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'01). Berlin, Germany:Springer-Verlag Press, 2001:514-532.
[1] 曹来成, 吴琪瑞, 王娅菲, 吴蓉, 郭显. 基于语义的多用户高效搜索方案[J]. 清华大学学报(自然科学版), 2021, 61(11): 1228-1233.
[2] 曹来成, 刘宇飞, 董晓晔, 郭显. 基于属性加密的用户隐私保护云存储方案[J]. 清华大学学报(自然科学版), 2018, 58(2): 150-156.
[3] 邹静, 李斌, 张利, 骆扬, 孙运传, 李世贤. 基于Hash聚合动态数据持有性方案安全性分析[J]. 清华大学学报(自然科学版), 2017, 57(11): 1145-1149,1158.
[4] 曹来成, 何文文, 刘宇飞, 郭显, 冯涛. 跨云存储环境下协同的动态数据持有方案[J]. 清华大学学报(自然科学版), 2017, 57(10): 1048-1055.
[5] 王伟平, 张俊峰, 王建新. 基于零空间的网络编码云存储完整性校验方案[J]. 清华大学学报(自然科学版), 2016, 56(1): 83-88,96.
[6] 杨东日, 王颖, 刘鹏. 一种副本复制和纠错码融合的云存储文件系统容错机制[J]. 清华大学学报(自然科学版), 2014, 54(1): 137-144.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
版权所有 © 《清华大学学报(自然科学版)》编辑部
本系统由北京玛格泰克科技发展有限公司设计开发 技术支持:support@magtech.com.cn