计算机科学 ›› 2023, Vol. 50 ›› Issue (7): 302-307.doi: 10.11896/jsjkx.220600067
王少辉, 赵铮宇, 王化群, 肖甫
WANG Shaohui, ZHAO Zhengyu, WANG Huaqun, XIAO Fu
摘要: 云存储服务能够让个人或者企业以更低的成本轻松地维护和管理大量数据,但其在为人们带来便利的同时却无法保证其外包数据的完整性和隐私性。远程数据完整性验证方案可以使用户在不下载全部数据的情况下对外包数据的完整性进行验证,即云服务器能够向验证者证明它实际上是在诚实地存储用户的数据。对Li等提出的基于身份云存储远程数据完整性验证方案的安全性进行了分析,结果表明该方案容易受到伪造攻击,即云服务器仅需保存少量的数据就能够生成合法的数据完整性证明。在Li等方案的基础上,提出了一个新的基于身份远程数据完整性验证方案。分析表明,所提方案能够满足健壮性和隐私性的安全需求,且与Li等方案的计算开销也能保持基本一致。
中图分类号:
[1]DESWARTE Y,QUISQUATER J J,SAIDANE A.Remote Integrity Checking[C]//Working Conference on Integrity & Internal Control in Information Systems.Springer,2003:1-11. [2]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable Data Possession at Untrusted Stores[C]//Proceedings of the 14th ACM Conference on Computer & Communications Security.2007:598-609. [3]JUELS A,KALISKI JR B S.PORs:Proofs of Retrievability for Large Files[C]//Proceedings of the 14th ACM Conference on Computer & Communications Security.2007:584-597. [4]SHACHAM H,WATERS B.Compact Proofs of Retrievability[C]//International Conference on the Theory & Application of Cryptology & Information Security.Springer,2008:90-107. [5]ATENIESE G,DI PIETRO R,MANCINI L V,et al.Scalableand Efficient Provable Data Possession[C]//Proceedings of the 4th International Conference on Security & Privacy in Communication Networks.ACM,2008:1-10. [6]WANG Q,WANG C,REN K,et al.Enabling public auditability and data dynamics for storage security in cloud computing[J].IEEE Transactions on Parallel and Distributed Systems,2010,22(5):847-859. [7]SHEN W,YU J,XIA H,et al.Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium[J].Journal of Network & Computer Applications,2017,82:56-64. [8]WANG H,WU Q,QIN B,et al.Identity-based remote data possession checking in public clouds[J].IET Information Security,2014,8(2):114-121. [9]YU Y,MAN H A A,ATENIESE G,et al.Identity-based re-mote data integrity checking with perfect data privacy preserving for cloud storage[J].IEEE Transactions on Information Forensics and Security,2017,12(4):767-778. [10]WANG H,HE D,TANG S.Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud[J].IEEE Transactions on Information Forensics and Security,2016,11(6):1165-1176. [11]WANG Y,WU Q,QIN B,et.al.Identity-based data outsourcing with comprehensive auditing in clouds[J].IEEE Transactions on Information Forensics and Security,2016,12(4):940-952. [12]ZHANG J,DONG Q.Efficient ID-based public auditing for the outsourced data in cloud storage[J].Information Sciences,2016,343:1-14. [13]WANG H Q.Identity-based distributed provable data possession in multicloud storage[J].IEEE Transactions on Services Computing,2014,8(2):328-340. [14]LI Y,YU Y,MIN G,et al.Fuzzy identity-based data integrity auditing for reliable cloud storage systems[J].IEEE Transactions on Dependable & Secure Computing,2017,16(1):72-83. [15]LI J,YAN H,ZHANG Y.Identity-based privacy preserving remote data integrity checking for cloud storage[J].IEEE Systems Journal,2020,15(1):577-585. |
|