摘要
可证明数据持有性验证(provable data possession,PDP)是云存储中重要的完整性验证技术,采用可证明数据持有验证,客户可通过常量级运算验证云服务器是否诚实地持有客户数据.某些情况下,客户无法亲自验证云端的数据持有,此时客户需要授权代理对云端数据进行持有验证.针对上述问题,提出了一种基于部分授权的可证明数据持有验证方案(provable data possession based on partial delegation,PDPPD),新方案基于双线性对及部分授权技术支持数据拥有者直接通过密钥变形方式委任代理方进行数据持有验证,并且数据拥有者可以随时撤销或更换代理方,证明了方案的安全性.与现有数据持有性验证方案相比,新方案在保证相同安全强度的条件下,具有更小的计算量和通信量,且应用场景更加广泛.
Provable data possession(PDP)is an important integrity checking technique in cloud storage.By using PDP,the client moves its data to cloud server and checks the possession of the data with constant computation. However,the client sometimes is not available to check its data possession.For example,the client wants to check its data which are stored in cloud server when he is in prison or at sea.In those cases,a convenient way to delegate the power of checking data possession to a proxy is necessary.In order to solve this problem,we propose a new provable data possession based on partial delegation(PDPPD).The PDPPD system model and security model are based on bilinear pairing and partial delegation.And the major feature of the proposed scheme is following:the client can delegate verification power to the proxy by sharing the converted secret key with the proxy,and the client can revoke or delete the proxy in an easy way at any time.Through our security analysis,the proposed scheme is provably secure.Compared with existing PDP schemes,the proposed scheme has less computation and communication overhead with the same level of security and also has wider application scenarios.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2015年第10期2422-2430,共9页
Journal of Computer Research and Development
基金
国家自然科学基金项目(61472064)
四川省科技支撑基金项目(2015GZ0095)
中央高校基本科研业务费基础研究项目(YGX2013J072)
