计算机科学 ›› 2023, Vol. 50 ›› Issue (12): 368-376.doi: 10.11896/jsjkx.221000185
• 信息安全 • 上一篇
郭彩彩, 金瑜
GUO Caicai, JIN Yu
摘要: 云存储凭借其高扩展性、低成本等优点受到广泛关注,但确保云数据的完整性成为了目前亟待解决的问题。由于区块链具有去中心化、不可篡改等特点,可以很好地解决基于第三方审计者的云审计方案中存在的单点失效和安全威胁等问题,因此有学者提出了基于区块链的云审计方案,但这类方案的审计证明均由数据拥有者(DO)或委托其他DO进行验证,需要DO保持在线状态,加重了审计负担,且绝大部分方案并未在真正的区块链环境中实现。基于此,提出了一种基于以太坊智能合约的云审计方案——CASESC,使用solidity语言编写可实现向云服务提供商发起审计请求和验证其返回的审计证明等功能的以太坊智能合约代码,并将审计结果和相关信息记录在以太坊中供DO随时查询,使得CASESC能代替DO完成审计工作,无需DO委托验证与实时在线,降低了审计开销。此外,CASESC分别在以太坊Goerli公有链测试网络和Ganache搭建的私有链中运行,验证了其可用性。理论分析和实验结果表明,CASESC可在不增加整体审计开销的情况下大幅降低DO的审计开销。
中图分类号:
[1]ZHANG Y,XU C,LI H,et al.Cryptographic Public Verification of Data Integrity for Cloud Storage Systems[J].IEEE Cloud Computing,2016,3(5):44-52. [2]XUE J,XU C,BAI L.DStore:A Distributed System for Out-sourced Data Storage and Retrieval[J].Future Generation Computer Systems,2019,99(1):106-114. [3]YANG K,JIA X.An Efficient and Secure Dynamic AuditingProtocol for Data Storage in Cloud Computing[J].IEEE Tran-sactions on Parallel and Distributed Systems,2013,24(9):1717-1726. [4]ZHANG Y,XU C,LIANG X,et al.Efficient Public Verification of Data Integrity for Cloud Storage Systems from Indistinguishability Obfuscation[J].IEEE Transactions on Information Forensics and Security,2017,12(3):676-688. [5]NI J,YU Y,MU Y,et al.On the Security of an Efficient Dynamic Auditing Protocol in Cloud Storage[J].IEEE Transactions on Parallel and Distributed Systems,2014,25(10):2760-2761. [6]HAN H,FEI S,YAN Z,et al.A Survey on Blockchain-Based Integrity Auditing for Cloud Data[J].Digital Communications and Networks,2022,1(1):1-13. [7]WANG X,ZHA X,NI W,et al.Survey on Blockchain for Internet of Things[J].Computer Communications,2019,136(1):10-29. [8]LIU L,XU B.Research on Information Security TechnologyBased on Blockchain[C]//Proceedings of IEEE 3rd Interna-tional Conference on Cloud Computing and Big Data Analytics(ICCCBDA).Piscataway:IEEE,2018:380-384. [9]XUY,REN J,ZHANG Y,et al.Blockchain Empowered Arbitrable Data Auditing Scheme for Network Storage as a Service[J].IEEE Transactions on Services Computing,2020,13(2):289-300. [10]ZHANG G,YANG Z,XIE H,et al.A Secure Authorized Deduplication Scheme for Cloud Data Based on Blockchain[J].Information Processing and Management,2021,58(3):102510. [11]SHARMA P,JINDAL R,BORAH M D.Blockchain-Based Decentralized Architecture for Cloud Storage System[J].Journal of Information Security and Applications,2021,62(8):102970. [12]ZHANG C,XU Y,HU Y,et al.A Blockchain-Based Multi-Cloud Storage Data Auditing Scheme to Locate Faults[J].IEEE Transactions on Cloud Computing,2021,1(1):1-12. [13]LIU B,YU X L,CHEN S,et al.Blockchain Based Data Integrity Service Framework for IoT Data[C]//Proceedings of IEEE International Conference on Web Services(ICWS).Piscataway:IEEE,2017:468-475. [14]YU H,YANG Z,SINNOTT R O.Decentralized Big Data Auditing for Smart City Environments Leveraging Blockchain Technology[J].IEEE Access,2018,7(1):6288-6296. [15]WANG H,ZHANG J.Blockchain Based Data Integrity Verifica-tion for Large-Scale IoT Data[J].IEEE Access,2019,7(1):164996-165006. [16]HUANG P,FAN K,YANG H,et al.A Collaborative Auditing Blockchain for Trustworthy Data Integrity in Cloud Storage System[J].IEEE Access,2020,8(1):94780-94794. [17]LI J,WU J,JIANG G,et al.Blockchain-Based Public Auditing for Big Data in Cloud Storage[J].Information Processing and Management,2020,57(6):102382. [18]SHU J,ZOU X,JIA X,et al.Blockchain-Based DecentralizedPublic Auditing for Cloud Storage[J].IEEE Transactions on Cloud Computing,2021,1(1):1-14. [19]ZUO W,LO D,KOCHHAR P S,et al.Smart Contract Development:Challenges and Opportunities[J].IEEE Transactions on Software Engineering,2021,47(10):2084-2106. [20]RENNER T,MULLER J,KAO O.Endolith:A Blockchain-Based Framework to Enhance Data Retention in Cloud Storages[C]//Proceedings of 26th Euromicro International Conference on Parallel,Distributed and Network-based Processing(PDP).Piscataway:IEEE,2018:627-634. [21]XUE J,XU C,ZHANG Y,et al.DStore:A Distributed Cloud Storage System Based on Smart Contracts and Blockchain[C]//Proceedings of 18th International Conference on Algorithms and Architectures for Parallel Processing(ICA3PP).Cham:Sprin-ger,2018:385-401. [22]PENG F,TIAN H,QUAN H,et al.Data Auditing for the Internet of Things Environments Leveraging Smart Contract[C]//Proceedings of 3rd International Conference on Frontiers in Cyber Security(FCS).Singapore:Springer,2020(1286):133-149. [23]YUAN H,CHEN X,WANG J,et al.Blockchain-Based PublicAuditing and Secure Deduplication with Fair Arbitration[J].Information Sciences,2020,541(9):409-425. [24]XIE M,ZHAO Q,HONG H.A Blockchain-Based Proxy Oriented Cloud Storage Public Audit Scheme for Low-Performance Terminal Devices[C]//Proceedings of 21st International Conference on Algorithms and Architectures for Parallel Processing(ICA3PP).Cham:Springer,2021(13155):676-692. [25]ATENIESE G,BURNS R,CURTMOLA R,et al.Provable Data Possession at Untrusted Stores[C]//Proceedings of 14th ACM Conference on Computer and Communications Security.New York:Association for Computing Machinery,2007:598-609. [26]GAZZONI F D L,BARRETO P S L M.Demonstrating Data Possession and Uncheatable Data Transfer[J].Cryptology ePrint Archive,2006,1(1):150-159. [27]LIU F,YANG J,LI Z B,et al.A Secure Multi-Party Computation Protocol for Universal Data Privacy Protection Based on Blockchain[J].Journal of Computer Research and Development,2021,58(2):281-290. [28]ALIA G,MARTINELLI E.Fast Modular Exponentiation ofLarge Numbers with Large Exponents[J].Journal of Systems Architecture,2002,47(14/15):1079-1088. [29]DESWARTE Y,QUISQUATER J J,SAïDANE A.Remote Integrity Checking[C]//Proceedings of Working Conference on Integrity and Internal Control in Information Systems.Boston:Springer,2003(140):1-11. [30]YAN H,ZHAO F S,SU F G,et al.Quantum Algorithm for Solving Hyperelliptic Curve Discrete Logarithm Problem[J].Quantum Information Processing,2020,19(3):120-126. [31]ZHANG F,REIHANEH S N,SUSILO W.An Efficient Signature Scheme from Bilinear Pairings and its Applications[C]//Proceedings of 7th International Workshop on Practice and Theo-ry in Public Key Cryptography.Berlin:Springer,2004(2947):277-290. |
|