Computer Science (计算机科学) ›› 2020, Vol. 47 ›› Issue (6): 303-309. doi: 10.11896/jsjkx.190600079
ZHANG Xi (张茜), WANG Jian (王箭)
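Abstract: Cloud shared-data integrity auditing verifies the integrity of data that a group of users shares in the cloud. Compared with integrity auditing for a single user's data, integrity auditing of group-shared data must also account for issues such as user revocation and identity privacy protection. If the data becomes disputed, or in other circumstances, the origin of the data also needs to be traced; existing cloud shared-data integrity auditing schemes have not yet handled this problem well. To trace the data source while ensuring efficient user revocation and protection of user identity privacy, this paper proposes a cloud shared-data integrity auditing scheme based on a group signature algorithm. When the identity of a data block's signer needs to be traced, the group manager can use its own private key to trace the signer's identity, and no one else can learn that identity. The private key update mechanism in the scheme supports user revocation well and greatly reduces the computation and communication overhead of the user revocation process. Security analysis and experimental results show that the scheme is secure and efficient.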