一个改进的云存储数据完整性验证方案

doi:10.3969/j.issn.0372-2112.2014.01.024

电子学报 ›› 2014, Vol. 42 ›› Issue (1): 150-154.DOI: 10.3969/j.issn.0372-2112.2014.01.024

一个改进的云存储数据完整性验证方案

周恩光^1,2, 李舟军^1,2, 郭华^1,3, 贾仰理⁴

1. 北京航空航天大学软件开发环境国家重点实验室, 北京 100191;
2. 北京航空航天大学网络技术北京市重点实验室, 北京 100191;
3. 中国科学院信息工程研究所信息安全国家重点实验室, 北京 100093;
4. 聊城大学计算机学院, 山东聊城 252059

收稿日期:2012-11-12 修回日期:2013-08-20 出版日期:2014-01-25
- 作者简介:
- 周恩光 男.1984年3月生，河北鹿泉人.北京航空航天大学计算机学院博士研究生.研究方向为信息安全、云计算安全. E-mail:enguangzhou@163.com 李舟军 男.1963年9月生，湖南湘乡人.1999年获国防科技大学计算机博士学位.现为北京航空航天大学计算机学院信息安全系主任、教授、博士生导师.主要研究兴趣为网络与信息安全、数据挖掘与社交网络分析. E-mail:lizj@buaa.edu.cn
- 基金资助:
- 国家自然科学基金 (No.60973105，No.61170189，No.61300172，No.61370126）; 博士点基金 (No.20111102130003，No.20121102120017）; 软件开发环境国家重点实验室自主课题 (No.SKLSDE-2013ZX-19，No.SKLSDE-2012ZX-11）; 中央高校基本科研业务费专项资金 (No.YWF-13-A02-13）

An Improved Data Integrity Verification Scheme in Cloud Storage System

ZHOU En-guang^1,2, LI Zhou-jun^1,2, GUO Hua^1,3, JIA Yang-li⁴

1. State Key Laboratory of Software Development Environment, Beihang University, Beijing 100191, China;
2. Key Laboratory of Beijing Network Technology, Beihang University, Beijing 100191, China;
3. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
4. School of Computer, Liaocheng University, Liaocheng, Shandong 252059, China

Received:2012-11-12 Revised:2013-08-20 Online:2014-01-25 Published:2014-01-25

摘要/Abstract

摘要： 在云计算环境中，客户将数据存储在不可信的云存储服务器上.如何在本地没有数据副本的情况下，高效地对客户存储的远程数据进行完整性验证是一个亟待解决的问题，针对此问题已相继提出一系列解决方案.提出已知证据伪造攻击的概念，即拥有一定数量证据的敌手可以伪造新的合法证据.指出已有的一些数据完整性验证方案无法抵抗已知证据伪造攻击.利用基于等级的认证跳表提出一个改进方案，该方案支持完全数据更新和公开审计.

关键词: 云存储, 完整性验证, 公开审计, 数据更新

Abstract: In cloud computing,clients put the large data files on the untrusted cloud storage server.As clients no longer physically possess the storage of their data,how to efficiently verify the correctness of outsourced cloud data becomes a big challenge for data storage security in cloud computing.In order to solve the problem of data integrity checking,many schemes are proposed.We first propose the notion of the known-proofs forgery attack,i.e.,the adversary who has a certain number of proofs can forge a new legal proof.We point out that some known schemes cannot resist the known-proofs forgery attack.After that we propose an improved data integrity checking protocol with full data dynamics and public verifiability for cloud storage by manipulating rank-based authenticated skip list.

Key words: cloud storage, integrity authentication, public auditability, data dynamics

中图分类号:

TP309

周恩光, 李舟军, 郭华, 贾仰理. 一个改进的云存储数据完整性验证方案[J]. 电子学报, 2014, 42(1): 150-154.

ZHOU En-guang, LI Zhou-jun, GUO Hua, JIA Yang-li. An Improved Data Integrity Verification Scheme in Cloud Storage System[J]. Acta Electronica Sinica, 2014, 42(1): 150-154.

参考文献

[1] 冯登国,张敏,张妍,徐震.云计算安全研究[J].软件学报,2011,22(1):71-83. Feng Deng-guo,Zhang Min,Zhang Yan,Xu Zhen.Study oncloud computing security[J].Journal of Software,2011,22(1):71-83.(in Chinese)
[2] G Ateniese,R Burns,R Curtmola,J Herring,L Kissner,Z Peterson,D Song.Provable data possession at untrusted stores [A].Proceedings of the 14th ACM Conference on Computer and Communications Security [C].Alexandria:ACM,2007.598-609.
[3] Juels,Burton S Kaliski Jr.Pors:Proofs of retrievability for large files [A].Proceedings of the 14th ACM Conference on Computer and Communications Security [C].Alexandria:ACM,2007.584-597.
[4] H Shacham,B Waters.Compact proofs of retrievability [A].Proceedings of the 14th International Conference on Theory and Application of Cryptology and Information Security:Advances in Cryptology [C].Melbourne:LNCS 5350,2008.90-107.
[5] K D Bowers,A Juels,A Oprea.Proofs of retrievability:Theory and implementation [A].Proceedings of the 2009 ACM Workshop on Cloud Computing Security [C].Chicago:ACM,2009.43-54.
[6] Ee-Chien Chang,Jia Xu.Remote integrity check with dishonest storage server [A].Proceedings of the 13th European Symposium on Research in Computer Security [C].Berlin:Springer-Verlag,2008.223-237.
[7] A Oprea,MK Reiter,K Yang.Space-efficient block storage integrity [A].Proceedings of the 12th Annual Network and Distributed System Security Symposium [C].San Diego:USENIX,2005.1-12.
[8] G Ateniese,RD Pietro,LV Mancini,G Tsudik.Scalable and efficient provable data possession [A].Proceedings of the 4th International Conference on Security and Privacy in Communication Networks [C].Istanbul:ACM,2008.1-10.
[9] C Wang,Q Wang,K Ren,W Lou.Ensuring data storage security in cloud computing [A].Proceedings of the 17th International Workshop Quality of Service [C].Charleston:IEEE,2009.1-9.
[10] C Erway,A Kupcu,C Papamanthou,R Tamassia.Dynamic provable data possession [A].Proceedings of the 16th ACM Conference on Computer and Communications Security [C].Chicago:ACM,2009.213-222.
[11] F Sebe,J Domingo-Ferrer,A Martinez-Balleste,Y Deswarte,J-J Quisquater.Efficient remote data possession checking in critical information infrastructures[J].IEEE Transactions on Knowledge and Data Engineering,2008,20(8):1034-1038.
[12] C Wang,Q Wang,K Ren,W Lou.Privacy-preserving public auditing for data storage security in cloud computing [A].Proceedings of 2010 IEEE INFOCOM [C].San Diego:IEEE,2010.1-9.
[13] Zhuo Hao,Sheng Zhong,Nenghai Yu.A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability[J].IEEE Transactions on Knowledge and Data Engineering,2011,23(9):1432-1437.
[14] Qian Wang,Cong Wang,Kui Ren,Wenjing Lou,Jin Li.Enabling public auditability and data dynamics for storage security in cloud computing[J].IEEE Transactions on Parallel and Distributed Systems,2011,22(5):847-859.
[15] Boneh D,Lynn B,Shacham H.Short signatures from the Weil pairing[J].Journal of Cryptology,2004,17(4):297-319.

一个改进的云存储数据完整性验证方案

An Improved Data Integrity Verification Scheme in Cloud Storage System

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 11

编辑推荐

Metrics

[1]	任正伟, 李雪婷, 王丽娜, 童言, 徐士伟, 丁炜. 云存储中外包数据确定性删除研究综述[J]. 电子学报, 2022, 50(10): 2542-2560.
[2]	王亚文, 郭云飞, 刘文彦, 霍树民, 杨超. 面向云存储安全的可自愈拜占庭Quorum系统[J]. 电子学报, 2020, 48(4): 675-681.
[3]	杜瑞忠, 石朋亮, 田俊峰. 基于DDCT表的多副本完整性审计方案[J]. 电子学报, 2020, 48(1): 164-171.
[4]	李建江, 马占宁, 张凯. 一种基于内容分块的层次化去冗优化策略[J]. 电子学报, 2019, 47(5): 1094-1100.
[5]	周洪丞, 杨超, 马建峰, 张俊伟. 云端数据异地容灾验证方案研究[J]. 电子学报, 2016, 44(10): 2485-2494.
[6]	陈伟, 于乐, 高迪. 一种支持完整性验证的隐私保护直方图融合算法[J]. 电子学报, 2014, 42(11): 2268-2272.
[7]	谢显中, 黄倩, 王柳苏, 马彬. 一种云存储中基于干扰对齐的多节点精确修复方法[J]. 电子学报, 2014, 42(10): 1873-1881.
[8]	王宁, 杨扬, 孟坤, 陈宇, 王磊, 季青. 云计算环境下基于用户体验的成本最优存储策略研究[J]. 电子学报, 2014, 42(1): 20-27.
[9]	王丽娜;;任正伟;余荣威;韩凤;董永峰. 一种适于云存储的数据确定性删除方法[J]. 电子学报, 2012, 40(2): 266-272.
[10]	李建敦, 彭俊杰, 张武. 云存储中一种基于布局的虚拟磁盘节能调度方法[J]. 电子学报, 2012, 40(11): 2247-2254.
[11]	吴吉义;傅建庆;平玲娣;谢琪;. 一种对等结构的云存储系统研究[J]. 电子学报, 2011, 39(5): 1100-1107.