摘要
针对云存储中的隐私安全问题,设计了一个支持隐私保护的、高效且安全的云存储框架.该框架采用多叉树结构构建数据索引,设计密钥推导算法EKDA(Extirpation-Based Key Derivation Alogrithm)实现密钥的管理和分发,构建关键字检索算法DLSEK(Discrete Logarithm-Based Search on Encrypted Keyword)实现对数据共享和密文检索的支持,并结合延迟更新技术解决用户访问权限变更和数据更新问题.从EKDA的有效性、DLSEK的性能和隐私安全方面进行实验评估和安全分析,结果表明:EKDA能有效地减少通信和存储负载,DLSEK是一种具有单向性安全的支持检索的加密技术,整个框架的设计能有效地保护用户的隐私,同时支持高效的数据访问.
An efficient and secure framework of cloud storage is proposed to support privacy security in cloud storage. The framework adopts a multi-tree structure for indexing, designs an extirpation-based key derivation algorithm (EKDA) for key management, and constructs a discrete logarithm-based search on encrypted keyword (DLSEK) for data sharing and ciphertext retrieval. The lazy revocation is combined into the framework to deal with the changes of users' access right and dynamic operations of data. Analyzing results for the effectiveness of EKDA, the performance of DLSEK and the privacy security of the framework show that EKDA can efficiently reduce the communication and storage overheads and that DLSEK is an encryption technique which supports ciphertext retrieval and is one-way security. The proposed framework is privacypreserving while supporting data access efficiently.
出处
《西安交通大学学报》
EI
CAS
CSCD
北大核心
2011年第10期1-6,12,共7页
Journal of Xi'an Jiaotong University
基金
国家自然科学基金资助项目(60873071)
国家高技术研究发展计划资助项目(2008AA01Z410)
IBM共享高校研究计划资助项目
关键词
云存储
密钥推导
离散对数
密文检索
cloud storage
key derivation
discrete logarithm
ciphertext retrieval