摘要
如今,随着科学技术的发展,云计算得到越来越多的关注和应用,随之而来的则是数据存储的安全问题。因此,与云存储有关的密码学研究成为学术界的一个热门领域。使用云存储服务的用户可以享受高质量的按需服务。但是,由于用户不再物理地拥有数据,因此无法保证云计算中数据的正确性和完整性。文章提出了一种隐私保护机制来保护用户存储在云中的数据的隐私,同时引进可信的第三方审计员(TPA)支持公共审计。在执行公共审计时,检查外包数据的完整性。为安全引进有效的TPA,必须保证审计过程对用户数据的隐私不构成新的安全威胁,同时不会给用户带来其他在线压力。特别地,当用户数据要和云中大部分人共享时,为保证数据不被云篡改,就必须委托TPA进行审计,同时TPA可以不检索整个数据。因此,无论是数据块信息还是数据块上的签名信息,对TPA而言仍是保密的。
Nowadays, with the development of science and technology, cloud computing gets more and more attentions and is put in use increasingly, and then the security problem of date storage appears. Therefore, cryptography related to the cloud storage has become a very hot topic in the academic circles. Users can enjoy the on-demand high quality services by using cloud storage. But, because users no longer physically occupy the date,they can' t ensure the correctness and the integrity of the date in the cloud computing. This paper proposes a privacy-preserving mechanism to ensure the privacies of the users, introduces a trusted third party auditor(TPA) to perform public audit, while checks the integrities of the outsourcing data. To securely introduce an effective TPA, the auditing process should bring no new security threats towards the users' date privacies, and bring no additional online pressure to users. Especially, while the users' date should be shared by a large number of users in the cloud, it must entrust the TPA to audit in order to ensure data not be tampered, and at the same time the TPA can not retrieve the entire data. Therefore, no matter the information or signature information on the data block, they are still confi dential to TPA.
出处
《信息网络安全》
2015年第2期19-25,共7页
Netinfo Security
基金
国家自然科学基金面上项目[11271003]
广东省高校科技创新项目[2013KJCX0146]
教育部高等学校博士学科点专项科研基金联合资助课题(博导类联合)[20134410110003]
关键词
隐私保护
第三方审计员
云审计
云存储
云计算
privacy-preserving
third party auditor(TPA)
cloud audit
cloud storage
cloud computing