Computer Science, 2018, Vol. 45, Issue (11): 187-192. doi: 10.11896/j.issn.1002-137X.2018.11.029

• Information Security •

Secure Data Deduplication Scheme Based on Merkle Hash Tree in Hybrid Cloud Storage Environments

ZHANG Gui-peng, CHEN Ping-hua

  1. (School of Computers, Guangdong University of Technology, Guangzhou 510006, China)
  • Received: 2018-08-08 Published: 2019-02-25

Abstract: Deduplication is an efficient data compression and storage optimization technology in cloud storage systems. It reduces storage space and transmission bandwidth consumption by detecting and eliminating redundant data. The convergent encryption adopted by existing cloud storage systems is vulnerable to brute-force attacks, and the time cost of ciphertext generation is excessive. This paper proposes an efficient deduplication scheme based on a Merkle hash tree in a hybrid cloud environment. The tag used to detect duplicated data is calculated by introducing a privilege level function and label coefficients, which realizes a secure deduplication system with different privilege levels. At the same time, an additional encryption algorithm is implemented, and cryptographic keys are generated by a Merkle hash tree. These keys are used to encrypt the plaintext in file-level and block-level deduplication, which ensures that the ciphertext is unpredictable. The security analysis shows that this scheme can effectively resist brute-force attacks from internal and external attackers and improve the confidentiality of data. The simulation results show that the proposed MTHDedup scheme can effectively reduce the computation overhead of ciphertext generation and the storage space of cryptographic keys. As the number of privilege sets increases, the performance advantage of the MTHDedup scheme becomes more obvious.

Key words: Access control, Brute-force attacks, Data deduplication, Hybrid cloud storage, Merkle hash tree

CLC Number: TP309
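The contrast the abstract draws, as an added illustration that is not the paper's construction or code: a plain convergent tag can be matched by anyone who can enumerate likely plaintexts, while a tag and keys derived from a Merkle hash tree and mixed with a per-privilege secret cannot, and equal blocks still map to equal block keys. The HMAC-based derivation, the per-privilege secret, the block size and the sample data are assumptions; the page does not give the scheme's privilege level function or label coefficients.

```python
import hashlib
import hmac

BLOCK = 16  # tiny block size so the constructed sample spans several blocks

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def mac(secret: bytes, label: bytes, node: bytes) -> bytes:
    return hmac.new(secret, label + node, hashlib.sha256).digest()

def merkle_levels(data: bytes) -> list:
    """All tree levels, leaves first; the last level holds only the root."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)] or [b""]
    levels = [[h(b"\x00" + b) for b in blocks]]      # 0x00 prefix marks a leaf
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [h(b"\x01" + cur[i] + cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:                             # odd node is carried up unchanged
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def convergent_tag(data: bytes) -> bytes:
    """Plain convergent encryption: key = H(file), tag = H(key), no secret."""
    return h(h(data))

def keyed_tag(data: bytes, priv_secret: bytes) -> bytes:
    """Assumed variant: the tag binds the Merkle root to a per-privilege secret."""
    return mac(priv_secret, b"tag", merkle_levels(data)[-1][0])

def derive_keys(data: bytes, priv_secret: bytes):
    """File key from the root, one block key per leaf, each mixed with the secret."""
    levels = merkle_levels(data)
    file_key = mac(priv_secret, b"file", levels[-1][0])
    return file_key, [mac(priv_secret, b"block", leaf) for leaf in levels[0]]

def confirmable(observed_tag: bytes, candidates: list, tag_fn) -> list:
    """Candidates a party holding only tag_fn can match against an observed tag."""
    return [c for c in candidates if hmac.compare_digest(tag_fn(c), observed_tag)]

# Constructed sample: a low-entropy document from a small, predictable set.
CANDIDATES = [f"salary for employee 1042: {n}000 USD".encode() for n in range(40, 60)]
DOC = CANDIDATES[7]
LEVEL2_SECRET = b"constructed-privilege-level-2-secret"   # hypothetical value

if __name__ == "__main__":
    print(len(confirmable(convergent_tag(DOC), CANDIDATES, convergent_tag)))
    no_secret = lambda c: keyed_tag(c, b"guess")
    print(len(confirmable(keyed_tag(DOC, LEVEL2_SECRET), CANDIDATES, no_secret)))
```

Two uploads of the same file under the same privilege secret still produce the same tag, which is what lets the storage side deduplicate without learning the plaintext.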