Computer Science (计算机科学), 2018, Vol. 45, Issue (3): 144-150. doi: 10.11896/j.issn.1002-137X.2018.03.023

• Information Security •

BTDA: Dynamic Cloud Data Updating Audit Scheme Based on Semi-trusted Third Party

JIN Yu, CAI Chao, HE Heng and LI Peng

  1. School of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430065; Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System, Wuhan 430065
  • Online: 2018-03-15 Published: 2018-11-13
  • Supported by:
    This work was supported by the projects Research on a Behavior-based Dynamic Trust Model in Cloud Computing Environments (61303117), Research on Lightweight Security Control Mechanisms Based on Attribute-based Cryptography in Hybrid Clouds (61602351), and Research on Node Deployment and Cooperative Content Distribution in Hybrid Vehicular Network Environments (61502359).

Abstract: Cloud storage has been widely used since its inception because it is convenient and inexpensive. Compared with traditional systems, however, users of cloud storage lose direct control over their data, so their main concern is whether the data stored in the cloud is secure, and integrity is one of these security requirements. Public auditing is an effective way to verify the integrity of cloud data. Existing schemes can verify cloud data integrity and also support auditing of dynamic data updates, but they have drawbacks: for example, when multiple second-level file block update tasks are executed, the user must stay online for the update audit, and both the communication between the user and the cloud server and the computation on the user side are large during this process. To address this, this paper proposes BTDA, a dynamic cloud data update audit scheme based on a semi-trusted third party. In BTDA, the user delegates the second-level file block update audit task to a semi-trusted third party, so the user can be offline during the second-level file block update audit, which reduces the communication cost and the computational cost on the user side. In addition, BTDA uses data blinding and proxy re-signature to prevent the semi-trusted third party and the cloud server from obtaining the user's sensitive data, thus protecting user privacy. Experiments show that, compared with current second-level file block update audit schemes, BTDA greatly reduces both computation time and communication cost on the user side.

Key words: Cloud storage, Data integrity, Semi-trusted third party, Second-level file block update

