期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

软件即服务模式下租户多副本数据存储完整性问题研究 被引量:6

Research on multi-tenants duplicates storage integrity protection in software as a service
下载PDF
导出
摘要 针对云中软件即服务(Software as a Service,SaaS)多租户共享存储模式下恶意服务提供商伪造、删除或篡改租户定制存储的数据副本数据问题,结合多租户数据共享存储特点以及租户间隐私与隔离需求,提出了面向租户的多副本完整性保护机制(Tenant-oriented duplication integrity checking scheme,TDIC).TDIC通过对租户副本元组进行周期性随机抽样的方式,来降低验证对象的生成代价.为适应租户数据的动态更新,建立面向租户多副本辅助验证结构(Tenant duplication authentication structure,TDAS),TDAS可以将每个数据节点上不同租户的副本验证信息隔离,保证租户副本验证过程的隔离性.结合租户元组的同态标签与TDAS,TDIC可以在不泄露租户数据内容的前提下,委托可信第三方对租户副本进行抽样检查.分析表明,如果租户逻辑视图中包含一万个数据元组时,在元组破坏率为1%的情况下发现数据被破坏的随机抽样数目最大约为元组总数的5%,相对全部验证的方法有效降低了系统资源消耗. Software as a Service(SaaS)is one important software delivery model in cloud computing and provides the elastic extension,relatively inexpensive storage and computing resources for tenants.However,un-trustworthy service providers may malicious tamper,forge or delete tenant data without tenants' authorization.The purpose of this work is to provide a multi-tenant data duplication integrity protection scheme for SaaS multi-tenant shared storage.First,we present a sample based tenant integrity protection mechanisms tenant-oriented duplication integrity chec-king scheme(TDIC).Different to the traditional approaches,in TDIC,the sampled element is the tenants' physical data tuples in universal table rather than the intersected data blocks of existing methods.Through periodically random sampling,TDIC reduces the complexity of service provider side verification object construction and eliminates the resource waste.Second,in order to set up tuples sample challenge-response model,we construct a new multi-tenants duplication authentication structure(TDAS).TDAS can ensure the isolation requirement of tenants by setting up separated duplication authentication tree for each tenant.And TDAS accommodates the tenant data dynamic update operation with duplication authentication tree adjustment.Third,we set up homomorphism label for each tuples of tenant duplication.With the help of homomorphism label and TDAS,TDIC achieves the third party verification to relieve the verification burden on tenant's client side.Finally,the analysis shows that if the tenant logical view has10000 data tuples and the damage rate is about 1%,the random sampling data number is about 5% of the total number of tuples.
作者 李琳 钱进 张永新 丁艳辉 孔兰菊
机构地区 山东师范大学数学科学学院 山东大学计算机科学与技术学院 山东师范大学信息科学与工程学院
出处 《南京大学学报(自然科学版)》 CAS CSCD 北大核心 2016年第2期324-334,共11页 Journal of Nanjing University(Natural Science)
基金 国家自然青年科学基金(61303085 61303007) 山东省自然科学基金(ZR2013FQ014) 山东省科技发展计划(2014GGX101047) 山东省优秀中青年科学家科研奖励基金(BS2013DX044) 山东省软件工程重点实验室开放课题(2013SE02) 山东省高等学校科技计划(J15LN24)
关键词 软件即服务(Software as a Service SaaS) 多租户 数据副本 完整性保护 Software as a Service(SaaS) multi-tenants duplicate integrity protection
分类号 TP301 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献20

  • 1Aulbach S, Grust T, Jacobs D, et al. Multi-tenant databases for Software as a Service: Schema- mapping techniques. In: Proceedings of the ACM SIGMOD International Conference on Manage- ment of Data. Canada: SIGMOD Conference, 2008,1195--1206.
  • 2Aulbach S, Jacobs D, Kemper A, et al. A comparison of flexible schemas for software as a service. ImProceedings of the ACM SIGMOD In- ternational Conference on Management of Data. Rhode Island: SIGMOD Conference, 2009, 881--888.
  • 3孔兰菊,李庆忠,史玉良,王学.面向SaaS应用基于键值对模式的多租户索引研究[J].计算机学报,2010,33(12):2239-2247. 被引量:17
  • 4Wang C, Wang Q, Ren K, et al. Ensuring data storage security in cloud computing. In: The 17th International Workshop on Quality of Service. Charleston.. IEEE Press, 2009,1 -- 9.
  • 5王一蕾,吴英杰,孙岚.隐私保护关系型数据发布的多维划分动态规划算法[J].南京大学学报(自然科学版),2013,49(2):258-267. 被引量:2
  • 6Liu H, Zhang P, Liu J. Public data integrity verification for secure cloud storage. Journal of Networks, 2013,8 ( 2 ) : 373 -- 380.
  • 7卞磊,刘超,金茂忠.一种面向审查的过程内数据流异常自动检测方法[J].南京大学学报(自然科学版),2010,46(1):71-76. 被引量:2
  • 8Li L, Li Q, Kong L, et al. Tenant-oriented composite authentication tree for data integrity protection in SaaS. In: The 15'h International Conference on Web-Age Information Manage- ment. Maeau:Lecture Notes in Computer Science 8485,2014,402--414.
  • 9Zhang L, Li Q, Shi Y, et al. An integrity verification scheme for multiple replicas in clouds. In: The 2012 International Conference on Web Information Systems and Mining. Chengdu.. Lecture Notes in Computer Science 7529, Springer, 2012,264-- 274.
  • 10咸鹤群,冯登国.外包数据库模型中的完整性检测方案[J].计算机研究与发展,2010,47(6):1107-1115. 被引量:23

二级参考文献48

  • 1唐发根,钱红兵.Ada软件数据流分析方法及其实现[J].北京航空航天大学学报,1997,23(1):25-29. 被引量:1
  • 2John E H,Rdeev M,Jeffrey D U著.自动机理论、语言和计算导论.刘田,姜晖,王捍贫.北京:机械工业出版社,2004,80-81.
  • 3Fagan M. Design and code inspections to reduce errors in program development. IBM Systems Journal, 1976, 15(3): 182-211.
  • 4Beizer B. Software testing techniques. 2^nd edition. New York: International Thomson Computer Press, 1990.
  • 5Dunsmore A, Roper M, Wood M. Practical code inspection techniques for object-oriented systems: An experimental comparison. Software IEEE, 2003, 20(4): 21-29.
  • 6O-Neill D. Issues in software inspection. Software IEEE, 1997, 14(1): 18-19.
  • 7Gerard O’Regan.软件质量实用方法论.陈茵,闪四清.北京:清华大学出版社,2004.
  • 8Fosdick L D, Osterweil L J. Data flow analysis in software reliability. ACM Computing Surveys, 1976, 8(4): 41-56.
  • 9Huang J C. Detection of dataflow anomaly through program instrumentation. IEEE Transactions on Software Engineering, 1979, SE- 5 (2), 226-236.
  • 10Louridas P. Static code analysis. Software IEEE, 2006, 23(4): 58-61.

共引文献40

同被引文献57

引证文献6

二级引证文献14

南京大学学报(自然科学版)
2016年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部