期刊文献+

基于更新树的动态云数据审计方案 被引量:2

A Dynamic Cloud Data Audit Scheme Based on Update Tree
下载PDF
导出
摘要 由于云服务器是半可信的,为了保证云数据的完整性和正确性,用户需要定期对云中数据进行审计,同时云服务器也要支持用户对云数据进行动态操作。文章提出了一个新的更新树结构用于实现动态的数据完整性审计。方案中的更新树存有数据块的版本号、序号范围、偏移量,序号范围的设置使得更新树具有一个节点存储多个数据块的属性。相同版本号和偏移量的连续序号具保存在一个更新树节点中,这样大大减少了存储空间和访问时间。在动态审计过程中,系统可以根据序号和偏移量来对签名时的数据块号进行验证。对云中大量连续数据块进行修改时,更新树只需更新一次含有相应数据块序号范围的更新树节点,更新树不平衡时可根据二叉平衡树的原理进行调整。更新树节点存放的是一定范围的数据块属性,使得更新树的大小不与文件数据块个数成正比,而与用户对文件更新次数相关,从而方案对动态云数据的审计性能不会根据文件大小的增长而变低。最后通过安全性分析和性能分析可以看出,文中方案是一个高效安全的动态云数据审计方案。 The cloud server is partially trusted. In order to ensure the completeness and correctness of the cloud data, users need to periodically audit the cloud data. At the same time the cloud server should also support user to update the cloud data dynamic. The provable dynamic cloud data possession scheme via update tree came up with a new update tree structure which is used to realize dynamic data integrity audit plan. The update trees exist a version number of data blocks, the range of serial number, the offset, the setting of range makes the trees don't have to use a node to store the attribute of a single block of data. The continuous serial number with same version and offset can be stored in a node to the update tree, and it greatly reduces the storage space and access time. In the dynamic audit process, the system can be according to the serial number and offset to determine the data block number in signature for validation. At the same time when the user updates the data blocks for a range, it only needs to update the tree node which the range in it. When the update tree is not balance, it can be adjusted according to the principle of balanced binary tree. The update tree node stores attributes for a range of data blocks, and this characteristic makes the size of the tree affected by the times of dynamic operations not by the file size, and thus the performance of the audit will not step down when the file size become large. By the security and performance analysis which in the end of this article, we can be seen that this scheme is an efficient security provable dynamic cloud data possession scheme.
出处 《信息网络安全》 2015年第12期1-7,共7页 Netinfo Security
基金 国家自然科学基金[61472064] 国家高科技研究发展计划(国家863计划)[2015AA016007]
关键词 云存储安全 动态云数据审计 更新树 cloud storage security dynamic cloud data audit update tree
  • 相关文献

参考文献22

  • 1DESWARTE Y, QUISQUATER J J, SAIDANE A. Remote Integrity Checking[C]//IFIP. Sixth Working Conference on Integrity and Internal Control in Information Systems (IICIS), November 13-14, 2003, Lausanne, Switzerland. US: Springer, 2003:1-11.
  • 2OPREA A, REITER M K, YANG K. Space-Efficient Block Storage Integrity[C]//Internet Society. Network and Distributed System Security Symposium, NDSS 2005, February 3-4, 2005, California, USA. USA: NDSS, 2005: 1-12.
  • 3FILHO D L G, BARR, ETO P S L M. Demonstrating Data Possession and Uncheatable Data Transfer[EB/OL]. http://wenku.baidu. com/link?url= NOlzehhzNbismj di5X9OTR1Cj t31Xs_awEWPVxh- tD4Avj 8tpoAkY1BrPxr_SU9y- F2-[J].WYoySb78kZGmx8XS4 lkba6F2eAT14z-hLIXy, 2015-02-14.
  • 4SEBE F, MARTINEZ-BALLESTE A, DESWARTE Y, et al. Time- bounded Remote File Integrity Checking[R]. Tarragona: UNIVERSITAT ROVIRA I VIRGILI, Tech.Rep.04429, 2004.
  • 5SCHWARZ T S J, MILLER E L. Store, Forget, and Check: Using Algebraic Signatures to Check Remotely Administered Storage[C]// IEEE. Distributed Computing Systems, ICDCS 2006, 26th IEEE International Conference on, July 4-7, 2006, Lisboa. Washington, USA: IEEE, 2006: 12.
  • 6ATENIESE G, BURNS R, CURTMOLA R, et al. Provable Data Possession at Untrusted Stores[C]//ACM. 14th ACM Conference on Computer and Communications Security, October 28-31, 2007, Alexandria, Virginia, USA. New York: ACM, 2007: 598-609.
  • 7ATENIESE G, KAMARA S, KATZ J. Proofs of Storage from Homomorphic Identification Protocols[C]//INTERNATIONAL ASSOCIATION FOR CRYPTOLOGIC RESEARCH. Advances in Cryptology-ASIACRYPT 2009, December 6-10, 2009, Tokyo, Japan. Heidelberg: Springer, 2009: 319-333.
  • 8JUELS A, KALISKI JR B S. PORs: Proofs of Retrievability for Large Files[C]//ACM. 14th ACM Conference on Computer and Communications Security, October 29-November 2, 2007, Alexandria, Viginia, USA. New York: ACM, 2007: 584-597.
  • 9ATENIESE G, PIETRO R D, MANCINI L V, et al. Scalable and Efficient Provable Data Possession[C]// IACR. 4th International Conference on Security and Privacy in Communication Networks, September 22-25, 2008, Istanbul, Turkey. New York: ACM, 2008: 9.
  • 10ERWAY C, KP#O A, PAPAMANTHOU C, et al. Dynamic Provable Data Possession[C]//ACM. 16th ACM Conference on Computer and Communications Security, November 9-13, 2009, Chicago. New York: ACM, 2009: 213-222.

二级参考文献63

  • 1Mell P,Grance T. The NIST definition of cloud computing[J].National Institute of Standards and Technology,2009,(06):50.
  • 2Armbrust M,Fox A,Griffith R. A view of cloud computing[J].Communications of the ACM,2010,(04):50-58.
  • 3Velte T,Velte A,Elsenpeter R. Cloud computing,a practical approach[M].McGraw-Hil,Inc,2009.
  • 4Oualha N,Roudier Y. Reputation and audits for self-organizing storage[A].ACM,2008.2.
  • 5Oualha N,Leneutre J,Roudier Y. Verifying remote data integrity in peer-to-peer data storage:A comprehensive survey of protocols[J].Peer-to-Peer Networking and Applications,2012,(03):231-243.
  • 6Yang K,Jia X. An efficient and secure dynamic auditing protocol for data storage in cloud computing[J].Paral el and Distributed Systems IEEE Transactions on,2013,(09):1717-1726.
  • 7Wang C,Ren K,Lou W. Toward publicly auditable secure cloud data storage services[J].Network IEEE,2010,(04):19-24.
  • 8Yang K,Jia X. Data storage auditing service in cloud computing:chal enges,methods and opportunities[J].World Wide Web,2012,(04):409-428.
  • 9Deswarte Y,Quisquater J J,Sa?dane A. Remote integrity checking[A].Springer US,2004.1-11.
  • 10Oprea A,Reiter M K,Yang K. Space-Efficient Block Storage Integrity[A].2005.

共引文献56

同被引文献3

引证文献2

二级引证文献5

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部