|
|
- 2016
基于多分支路径树的云存储数据完整性验证机制
|
Abstract:
随着云存储技术的发展, 为了节约存储成本, 越来越多的用户选择将数据存储在云端, 但同时用户也失去了对数据的控制权, 无法确保云端数据的完整性。因此, 云服务提供商(cloud service provider, CSP)需要通过一种有效的协议向用户提供数据完整性证明。目前许多方案仍存在无法支持全动态(插入、修改和删除)更新, 或方案计算、存储和通信开销大等问题。针对上述问题, 该文提出基于多分支路径树(large branching tree, LBT)的数据完整性验证机制, 通过构建结构简单的认证树, 简化动态更新过程, 实现全动态更新。实验结果表明: 该方案在动态更新过程中, 能够减少协议各实体的计算负担, 高效完成大量数据更新的云存储数据完整性验证。
Abstract:With the rapid growth of cloud storage, more and more users are choosing to store their data in the cloud to reduce storage costs. However, users then lose control of the data and the data integrity cannot be ensured. Thus, cloud service providers (CSP) need to provide proof to users that their data is secure through an efficient integrity verification protocol. A number of feasible schemes have been proposed, but they have trouble supporting fully dynamic operations including insert, modify, and delete and they have large computing, storage and communication costs. This paper presents a data integrity verification scheme based on a large branching tree (LBT). The scheme supports fully dynamic updates and simplifies the dynamic update process by constructing a simple authentication tree. Tests show that the scheme reduces the computation of burden of the entities so that the method can be efficiently applied in the cloud environment to verify data integrity with frequent update operations.
| [1] | 谭霜, 贾焰, 韩伟红. 云存储中的数据完整性证明研究及进展[J]. 计算机学报, 2015,38(1):164-177. TAN Shuang, JIA Yan, HAN Weihong. Research and development of provable data integrity in cloud storage[J].Chinese Journal of Computers, 2015,38(1):164-177. (in Chinese) |
| [2] | Erway C, Kupccu A, Papamathou C, et al. Dynamic provable data possession[C]//Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS 2009). New York, USA:ACM Press, 2009:213-222. |
| [3] | Ateniese G, Burns R, Curtmola R. Provable data possession at untrusted stores[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007). New York, USA:ACM Press, 2007:598-609. |
| [4] | Ateniese G, Pietro R D, Mancini L, et al. Scalable and efficient provable data possession[C]//Proceedings of the 4th International Conference on Security and Privacy in Communication Networks (SecureComm'08). New York, USA:ACM Press, 2008:1-10. |
| [5] | Shacham H, Waters B. Compact proofs of retrievability[C]//Proceedings of 14th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'08). Berlin, Germany:Springer-Verlag Press, 2008:90-107. |
| [6] | 冯登国, 张敏, 张妍, 等. 云计算安全研究[J]. 软件学报, 2011,22(1):71-83. FENG Dengguo, ZHANG Min, ZHANG Yan, et al. Study on cloud computing security[J].Journal of Software, 2011,22(1):71-83. (in Chinese) |
| [7] | WANG Huaqun. Identity-based distributed provable data possession in multicloud storage[J].IEEE Transactions on Services Computing, 2015,8(2):328-340 |
| [8] | Juels A, Kaliski B S. PORs:Proofs of retrievability for large files[C]//Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS 2007). New York, USA:ACM Press, 2007:584-597. |
| [9] | ZHU Yan, HU Hongxin, AHN G J, et al. Efficient audit service outsourcing for data integrity in clouds[J].Journal of Systems and Software, 2012,85(5):1083-1095. |
| [10] | ZHU Yan, HU Hongxin, AHN G J, et al. Cooperative provable data possession for integrity verification in multi-cloud storage[J].IEEE Transactions on Parallel and Distributed Systems, 2012,23(12):2231-2244. |
| [11] | WANG Qian, WANG Cong, LI Jin, et al. Enabling public verifiability and data dynamics for storage security in cloud computing[C]//Proceedings of 14th European Symposium on Research in Computer Security (ESORICS 2009). Berlin, Germany:Springer-Verlag Press, 2009:355-370. |
| [12] | Boneh D, Lynn B, Shacham H. Short signatures from the weil pairing[C]//Proceedings of Seventh International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT'01). Berlin, Germany:Springer-Verlag Press, 2001:514-532. |
