摘要
"确定性删除"技术旨在保障云服务器内过期或备份数据的确定性删除,使数据被彻底删除或者是永远不可解密和访问的,以保护用户的数据隐私性。但现有方案仅仅只删除了密钥,云端密文依旧完整,一旦密钥被窃取,会威胁数据隐私性,因此未实现"真正"意义上的确定性删除。针对上述问题,提出了一种基于密文采样分片的方案,来实现云端数据的确定性删除。利用密文采样分片思想,使云端存储不完整的密文,即使在密钥被泄露的情况下,也能保证数据的高机密性。而对采样密文的销毁,也实现了云端数据的即时确定性删除。理论分析以及实验结果表明,所提方法能够满足云存储系统中机密数据的确定性删除要求,并且在性能开销低的同时能提供比现有方案更高的安全性。
The technique named assured deletion was namely that the expired or backup data was reliably deleted and remain permanently unrecoverable and inaccessible by any party, However, the previous schemes only deleted the key while the cipher text still maintains entirely. Once the key was compromised, it would be a great threat to the privacy of sensitive data. Therefore, it cannot satisfy the real sense of assured deletion. Aiming at the above problems, a new scheme based on cipher text sample slice named ADCSS was proposed. The scheme can ensure that the cloud server only store the incomplete data by means of cipher text sample slice, which contributes to the top confidentiality of outsourced data even the key is obtained by accident or by malicious attacks. Moreover, the goal of assured deletion can be achieved by destroying the exact cipher text. Theoretical analysis and experimental results show that the proposed scheme can meet the requirement of the assured deletion of sensitive data on cloud storage. Moreover, the scheme performs higher security than the existing ones with low performance overhead.
出处
《通信学报》
EI
CSCD
北大核心
2015年第11期108-117,共10页
Journal on Communications
基金
国家自然科学青年基金资助项目(61303219)
陕西省自然科学基础研究计划基金资助项目(2014JQ8295)
中央高校基本科研业务费基金资助项目(JB140303)~~