计算机科学 ›› 2020, Vol. 47 ›› Issue (9): 330-338.doi: 10.11896/jsjkx.190800147
• 信息安全 • 上一篇
李莹1,2, 于亚新1,2, 张宏宇1, 李振国1
LI Ying1,2, YU Ya-xin1,2, ZHANG Hong-yu1, LI Zhen-guo1
摘要: 云存储中的数据可能会遭受非法窃取或篡改,从而使用户数据的机密性面临威胁。为了更加安全、高效地存储海量数据,提出一种支持索引、可追溯、可验证的云存储与区块链结合的存储模型CBaaS(Cloud and Blockchain as a service),它可以增强云中数据的可信性。另外,区块链的协商一致协议导致交易的吞吐量低,处理速度慢,严重制约了去中心化应用的发展。基于此,文中实现了一个三层架构的区块链模型TBchain(Three-tier architecture Blockchain),其通过分割区块链的一部分并将其锁定在更高级别区块链的块中提高区块链的可伸缩性,从而提高区块链中交易的吞吐量。此外,区块链由于去中心化的需求占用了海量节点的大量存储空间,这极大地限制了以区块链技术为基础的数据库系统的发展与应用。通过TBchain将一部分交易存储在本地,增加了区块链存储容量的可扩展性。云存储对象元数据中的ETag标示一个Object的内容,可以用来检查Object内容是否发生变化。将云存储中的对象元数据存储在区块链上,利用ETag值可以用于检查Object内容是否发生变化的特性和区块链上的数据不可篡改的特性来验证云上存储的数据是否安全,从而提高云上存储数据的可信性。实验结果表明,TBchain模型提高了区块链的可伸缩性和区块链存储容量的可扩展性,CBaaS模型也有效地提高了云上存储数据的可信性。
中图分类号:
| [1] NAKAMOTO S,BITCOIN A.A peer-to-peer electronic cashsystem[EB/OL].https://bitcoin.org/bitcoin.pdf. [2] ZHENG Z,XIE S,DAI H,et al.An overview of blockchaintechnology:Architecture,consensus,and future trends[C]//2017 IEEE International Congress on Big Data (BigData congress).IEEE,2017:557-564. [3] OTTE P,DE VOS M,POUWELSE J.TrustChain:A Sybil-re-sistant scalable blockchain[J].Future Generation Computer Systems,2020,107:770-780. [4] JIA D Y,XIN J C,WANG Z Q.Storage Capacity Scalable Model of Blockchain[J].Journal of Frontiers of Computer Science and Technology,2018,12(4):525-535. [5] EYAL I,GENCER A E,SIRER E G,et al.Bitcoin-ng:A scalable blockchain protocol[C]//13th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 16).2016:45-59. [6] SOMPOLINSKY Y,ZOHAR A.Secure high-rate transactionprocessing in bitcoin[C]//International Conference on Financial Cryptography and Data Security.Berlin:Springer,2015:507-527. [7] ZHOU L,VARADHARAJAN V,HITCHENS M.Trust en-hanced cryptographic role-based access control for secure cloud data storage[J].IEEE Transactions on Information Forensics and Security,2015,10(11):2381-2395. [8] UIKEY C,BHILARE D S.TrustRBAC:Trust role based access control model in multi-domain cloud environments[C]//2017 International Conference on Information,Communication,Instrumentation and Control (ICICIC).IEEE,2017:1-7. [9] TIAN H,CHEN Y,JIANG H,et al.Public auditing for trusted cloud storage services[J].IEEE Security & Privacy,2019,17(1):10-22. [10] ZHAO B,FAN P,NI M.Mchain:a blockchain-based VM measurements securestorage approach in IaaS cloud with enhanced integrity and controllability[J].IEEE Access,2018,6:43758-43769. [11] SUKHODOLSKIY I,ZAPECHNIKOV S.A blockchain-basedaccess control system for cloud storage[C]//2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus).IEEE,2018:1575-1578. [12] WESTERLUND M,KRATZKE N.Towards distributed clouds:A review about the evolution of centralized cloud computing,distributed ledger technologies,and a foresight on unifying opportunities and security implications[C]//2018 International Conference on High Performance Computing & Simulation (HPCS).IEEE,2018:655-663. [13] POURMAJIDI W,MIRANSKYY A.Logchain:blockchain-as-sisted log storage[C]//2018 IEEE 11th International Conference on Cloud Computing (CLOUD).IEEE,2018:978-982. [14] ZHU L,WU Y,GAI K,et al.Controllable and trustworthyblockchain-based cloud data management[J].Future Generation Computer Systems,2019,91:527-535. [15] ESPOSITO C,DE SANTIS A,TORTORA G,et al.Blockchain:A panacea for healthcare cloud-based data security and privacy?[J].IEEE Cloud Computing,2018,5(1):31-37. [16] SHEN M,MA B,ZHU L,et al.Cloud-based approximate constrained shortest distance queries over encrypted graphs with privacy protection[J].IEEE Transactions on Information Forensics and Security,2017,13(4):940-953. [17] XIA Q I,SIFAH E B,ASAMOAH K O,et al.MeDShare:Trust-less medical data sharing among cloud service providers via blockchain[J].IEEE Access,2017,5:14757-14767. [18] GUO R,SHI H,ZHAO Q,et al.Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems[J].IEEE access,2018,6:11676-11686. [19] LIANG G,WELLER S R,LUO F,et al.Distributed blockchain-based data protection framework for modern power systems against cyber attacks[J].IEEE Transactions on Smart Grid,2018,10(3):3162-3173. [20] ZYSKIND G,NATHAN O.Decentralizing privacy:Usingblockchain to protect personal data[C]//2015 IEEE Security and Privacy Workshops.IEEE,2015:180-184. [21] LIANG X,SHETTY S,TOSH D,et al.Provchain:A block-chain-based data provenance architecture in cloud environment with enhanced privacy and availability[C]//2017 17th IEEE/ACM International Symposium on Cluster,Cloud and Grid Computing (CCGRID).IEEE,2017:468-477. [22] JIA D,XIN J,WANG Z,et al.ElasticChain:support very large blockchain by reducing data redundancy[C]//Asia-Pacific Web (APWeb) and Web-Age Information Management (WAIM) Joint International Conference on Web and Big Data.Cham:Springer,2018:440-454. [23] GAETANI E,ANIELLO L,BALDONI R,et al.Blockchain-based database to ensure data integrity in cloud computing environments[C]//Italian Conference on Cybersecurity.2017. [24] YANG C,CHEN X,XIANG Y.Blockchain-based publicly verifiable data deletion scheme for cloud storage[J].Journal of Network and Computer Applications,2018,103:185-193. |
| [1] | 常炳国, 石华龙, 常雨馨. 基于深度学习的黑色素瘤智能诊断多模型算法 Multi Model Algorithm for Intelligent Diagnosis of Melanoma Based on Deep Learning 计算机科学, 2022, 49(6A): 22-26. https://doi.org/10.11896/jsjkx.210500197 |
| [2] | 何瑾琳, 刘学军, 徐新艳, 毛宇佳. 融合node2vec和深度神经网络的隐式反馈推荐模型 Implicit Feedback Recommendation Model Combining Node2vec and Deep Neural Networks 计算机科学, 2019, 46(6): 41-48. https://doi.org/10.11896/j.issn.1002-137X.2019.06.005 |
| [3] | 张栗粽,崔园,罗光春,陈爱国,卢国明,王晓雪. 面向大数据分布式存储的动态负载均衡算法 Dynamic Load Balance Algorithm for Big-data Distributed Storage 计算机科学, 2017, 44(5): 178-183. https://doi.org/10.11896/j.issn.1002-137X.2017.05.032 |
| [4] | 许婧,任开军,李小勇. 气象数据检索区域查询优化及并行算法设计 Parallel Algorithm Design and Optimization of Range Query for Meteorological Data Retrieval 计算机科学, 2017, 44(3): 42-47. https://doi.org/10.11896/j.issn.1002-137X.2017.03.011 |
| [5] | 何炎祥,喻 涛,陈彦钊,李清安,范通让. 物联网环境中数据存储与查询机制研究 Data Storage and Query in Internet of Things 计算机科学, 2015, 42(3): 185-190. https://doi.org/10.11896/j.issn.1002-137X.2015.03.038 |
| [6] | 傅腾,高建华. Web工程中基于不变性的元数据检查和测试 Metadata Checking and Testing of Web Application Based on Invariance 计算机科学, 2014, 41(8): 224-228. https://doi.org/10.11896/j.issn.1002-137X.2014.08.048 |
| [7] | 孙宁伟,赵瑜,刘勇,刘海峰,肖卫东,张翀. TVBRT:一种基于Radial Tree的具有度量属性的多变元时态数据可视化方法 TVBRT:A Time-varying Multivariate Data Visualization Method Based on Radial Tree 计算机科学, 2014, 41(6): 5-11. https://doi.org/10.11896/j.issn.1002-137X.2014.06.002 |
| [8] | 谢平. 存储系统重复数据删除技术研究综述 Survey on Data Deduplication Techniques for Storage Systems 计算机科学, 2014, 41(1): 22-30. |
| [9] | 董国卿,童维勤. 数据库元数据的自动语义标注 Automatic Semantic Annotation for Metadata in Databases 计算机科学, 2012, 39(Z11): 159-162. |
| [10] | 刘茜,李华. Scorm元数据在教育资源语义检索中的研究与应用 Research and Application of Scorm Metadata in Semantic Retrieval of Education Resources 计算机科学, 2011, 38(Z10): 416-418. |
| [11] | 陈斌,白晓颖,马博,黄俊飞. 分布式系统可伸缩性研究综述 Survey on Software Scalability of Distributed Systems 计算机科学, 2011, 38(8): 17-24. |
| [12] | 刘科,秦磊华,周敬利,聂雪军,曾东. 内容感知存储系统中的两阶段检索策略 Two-phrase Retrieval Strategy in Content Aware Network Storage System 计算机科学, 2011, 38(5): 20-23. |
| [13] | 徐俊刚,裴莹. 数据ETL研究综述 Overview of Data Extraction, Transformation and Loading 计算机科学, 2011, 38(4): 15-20. |
| [14] | 朱焱. 万维网资源质量模式挖掘技术分析 On Web Source Quality Pattern Mining Approaches 计算机科学, 2010, 37(8): 201-207. |
| [15] | 邓科峰,何连跃,王晓川,周先奉. KESS元数据处理一致性协议 Consistency Protocol for Metadata Processing in KESS 计算机科学, 2010, 37(2): 75-77. |
|
||
首页