摘要
云计算的可信性直接决定了其能否被广泛使用和推广.如果能使得云计算用户验证存储在云平台的数据的完整性或者在云平台执行的程序的正确性,将会大大加快云计算的应用.而可验证计算协议可检测出远程服务器返回的程序执行结果是否正确,且不需要将远程服务器所执行的程序再重新执行一遍.因此,近年来,可验证计算协议引起了学术界和工业界的广泛关注,成为实现可信云计算的一种建设性思路.文中在系统梳理和总结可验证计算协议国内外相关研究的基础上,依据可验证计算协议的实施流程对其按照编译处理和证明系统分类.其中,依据可验证计算协议使用的编译器的复杂程度,分为使用简单编译器的可验证计算协议和使用复杂编译器的可验证计算协议;依据证明系统的分类,主要研究基于交互式证明系统的可验证计算协议和基于论证系统的有预处理的可验证计算协议.随后对依据证明系统划分的每一分类,围绕基本定义、典型协议原理及流程、适用应用场景、性能分析等问题,对基于可验证计算的可信云计算进行了综述.最后,总结和展望了待解决的关键性问题和未来的研究方向.上述工作将对可验证计算协议在云计算中的应用起到一定推动作用.
To a very great extent, trustworthiness is a critical factor for the large-scale popularity of cloud computing. To instill greater confidence in computations and data outsourced to the cloud service providers, the client should verify the correctness of computation results returned by cloud service providers. Verifiable Computation is the very solution that can let the client check the correctness of a remotely executed computation by inspecting a proof by the remote cloud service providers, without reexecuting the computation. Recent works in verifiable compu- tation have received broad attention in both the academic and industrial research, and the pace of progress in verifiable computation has been rapid. A number of projects have reduced the verifiable computation theory to near-practice in the context of implemented system and have mode it become a constructive approach to trusted cloud computing. The goal of this paper is to survey this blossoming area of research, especially in the cloud computation area. This paper first presents the problem that proof-based verifiable computation is solving in a unified framework, together with some of key theory that has developed to solve it, and then describes design principle and basis theory of verifiable computation protocol. Based on systematic analysis and summary of the related works on verifiable computation, this paper presents a category of verifiable computation protocols according to the two dimensions which are main processes including compile processing and proof system. The verifiable computation protocols in this paper use compiler based on Fairplay and Benjamin compiler to compile the protocol, and generate model of computation for proof system. It can be divided into two approaches according to main process of compiling, as. verifiable computation protocol based on simple compiler and verifiable computation protocol based on complex compiler. It can be divided into two approaches according to proof system, as: verifiable computation protocol based on interactive proof system and verifiable computation protocol with preprocessing based on argument system. We do not discuss verifiable computation without preprocessing based on argument system, and the choice of scope is to make this paper manageable because such protocols are based on short PCPs and still impractical. This paper also covers basic definition, principle and process of typical protocols, application scenarios, performance analysis in each of our classification. At the end of this paper, we summarise some of open questions in this area. The biggest issue in this research area is performance. Also the computational model and underlying theory are a critical area of focus. And other research directions involve changing the model and goal of verifiable computation protocol, and privacy requirements of procotol in the context of cloud computing. All our works will play a role in promoting the further research of cloud computing security based on verifiable computation. And we believe that the real application of these techniques to cloud computing will appear in the next few years with the rapid progress in verifiable computation.
出处
《计算机学报》
EI
CSCD
北大核心
2016年第2期286-304,共19页
Chinese Journal of Computers
基金
国家自然科学基金(61202081)资助~~
关键词
云计算
可验证计算
云安全
交互式证明系统
论证系统
cloud computing
verifiable computation
cloud computing security
interactive proofsystem
argument system
