计算机科学

计算机科学 ›› 2018, Vol. 45 ›› Issue (11): 130-137.doi: 10.11896/j.issn.1002-137X.2018.11.019

• 信息安全 • 上一篇    下一篇

一种支持完美隐私保护的批处理数据拥有性证明方案

庞晓琼, 任孟琦, 王田琪, 陈文俊, 聂梦飞   

  1. (中北大学大数据学院 太原030051)
  • 收稿日期:2018-07-15 发布日期:2019-02-25
  • 作者简介:庞晓琼(1982-),女,博士,讲师,硕士生导师,CCF会员,主要研究方向为信息安全与密码学、复杂系统的故障预测与健康管理,E-mail:xqpang@nuc.edu.cn(通信作者);任孟琦(1994-),女,硕士生,主要研究方向为信息安全与密码学;王田琪(1993-),女,硕士生,主要研究方向为信息安全与密码学;陈文俊(1980-),男,博士生,主要研究方向为金融信息安全;聂梦飞(1994-),女,硕士生,主要研究方向为信息安全与密码学。
  • 基金资助:
    本文受山西省青年自然科学基金(201601D021075),山西省回国留学人员科研项目(2015-083),山西省研究生教育改革研究项目(2018JG62)资助。

Perfect Privacy-preserving Batch Provable Data Possession

PANG Xiao-qiong, REN Meng-qi, WANG Tian-qi, CHEN Wen-jun, NIE Meng-fei   

  1. (School of Data Science and Technology,North University of China,Taiyuan 030051,China)
  • Received:2018-07-15 Published:2019-02-25

PDF (PC)

715

摘要: 数据拥有性证明技术是当前云存储安全领域中的一项重要研究内容,可使用户无须下载所有文件就能高效地远程校验用户数据是否完整存储于云服务器。现实中,用户趋向于委托第三方验证机构TPA代替自己来验证数据的完整性;然而,多数支持第三方公开审计的数据拥有性证明方案通常只考虑恶意服务器是否能够伪造标签或证明的问题,鲜有考虑恶意TPA可能会窃取用户隐私的情况。近几年,一些既针对服务器保证数据的安全性又针对TPA实现数据隐私保护的数据拥有性证明方案逐渐被提出,但多应用于单云服务器环境下;个别应用在多云服务器环境下可支持批量审计的方案,或者不能有效抵抗恶意云服务器的攻击,或者无法实现针对TPA的零知识隐私保护。因此,文中在Yu等工作的基础上,提出了一个多云服务器环境下支持批量审计的数据拥有性证明方案。所提方案既可保证针对恶意云服务器的安全性,还可实现针对TPA的完美零知识隐私保护。性能分析及仿真实验表明所提方案是高效且可行的。

关键词: 零知识隐私, 批处理校验, 数据拥有性证明, 云存储安全

Abstract: Provable data possession is an important research direction in the field of current cloud storage security.It allows user to verify whether his outsourced data stored in the cloud sever are complete without downloading all files efficiently and remotely.Currently,users tend to entrust TPA,a Third Party Auditor,to verify the integrity of their data instead of themselves.However,most of public auditing PDP schemes only consider whether malicious servers can forge data labels or proofs,rarely consider the case of whether malicious TPA may steal user’s data privacy.In recent years,some of PDP schemes that both ensure the data security in server and protect the data privacy for TPA have been proposed and applied in single-cloud server.Few of batch PDP protocols applied in multi-cloud server can effectively resist the malicious cloud server’s attack and achieve zero knowledge privacy for TPA.Therefore,based on the work proposed by Yu et al,this paper proposed a batch PDP scheme which can both guarantee the data security for malicious cloud servers and realize the perfect data privacy for TPA.Performance analysis and simulation experiments demonstrate the efficiency and feasibility of the proposed protocol.

Key words: Batch verification, Cloud storage security, Provable data possession(PDP), Zero knowledge privacy

中图分类号: 

  • TP309
[1]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable data possession at untrusted stores[C]∥ACM Conference on Computer and Communications Security.ACM,2007:598-609.
[2]ATENIESE G,PIETRO R D,MANCINI L V,et al.Scalable and efficient provable data possession[C]∥Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks.ACM,2008:1-10.
[3]WANG Q,WANG C,LI J,et al.Enabling public verifiability and data dynamics for storage security in cloud computing[C]∥ European Conference on Research in Computer Security.Sprin-ger-Verlag,2009:355-370.
[4]ZHANG J,TANG W,MAO J.Efficient public verification proof of retrievability scheme in cloud[M].Kluwer Academic Publi-shers,2014.
[5]YU Y,NI J,MAN H A,et al.Comments on a Public Auditing Mechanism for Shared Cloud Data Service[J].IEEE Transactions on Services Computing,2015,8(6):998-999.
[6]YU Y,LI Y,NI J,et al.Comments on “Public Integrity Auditing for Dynamic Data Sharing With Multiuser Modification”[J].IEEE Transactions on Information Forensics & Security,2016,11(3):658-659.
[7]YU Y,XUE L,MAN H A,et al.Cloud data integrity checking with an identity-based auditing mechanism from RSA[J].Future Generation Computer Systems,2016,62(C):85-91.
[8]WANG C,WANG Q,REN K,et al.Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing[C]∥Infocom,2010 Proceedings IEEE.IEEE,2010:1-9.
[9]HAO Z,ZHONG S,YU N.A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability[J].IEEE Transactions on Knowledge & Data Engineering,2011,23(9):1432-1437.
[10]YU Y,AU M H,MU Y,et al.Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage[J].International Journal of Information Security,2015,14(4):307-318.
[11]YU Y,MAN H A A,ATENIESE G,et al.Identity-based Remote Data Integrity Checking with Perfect Data Privacy Preserving for Cloud Storage[J].IEEE Transactions on Information Forensics & Security,2017,PP(99):1-1.
[12]ZHU Y,HU H,AHN G J,et al.Cooperative Provable Data Possession for Integrity Verification in Multicloud Storage[J].IEEE Transactions on Parallel & Distributed Systems,2012,23(12):2231-2244.
[13]HE K,HUANG C,WANG J,et al.An efficient public batch auditing protocol for data security in multi-cloud storage[C]∥2013 8th ChinaGrid Annual Conference.IEEE,2013:51-56.
[14]WANG H.Identity-Based Distributed Provable Data Possession in Multicloud Storage[J].IEEE Transactions on Services Computing,2015,8(2):328-340.
[15]ATENIESE G,BURNS R,CURTMOLA R,et al.Remote data checking using provable data possession[J].Acm Transactions on Information & System Security,2011,14(1):1-34.
[1] 徐堃, 付印金, 陈卫卫, 张亚男.
基于区块链的云存储安全研究进展
Research Progress on Blockchain-based Cloud Storage Security Mechanism
计算机科学, 2021, 48(11): 102-115. https://doi.org/10.11896/jsjkx.210600015
[2] 陈利锋, 朱路平.
一种基于云端加密的FPGA自适应动态配置方法
Encrypted Dynamic Configuration Method of FPGA Based on Cloud
计算机科学, 2020, 47(7): 278-281. https://doi.org/10.11896/jsjkx.190700110
[3] 伍琦,万常选,李国林.
一个改进型云存储共享方案
Improved Data Sharing Scheme over Cloud Storage
计算机科学, 2012, 39(8): 99-103.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发