云存储中基于用户授权的大数据完整性审计方案被引量：4

A Big Data Integrity Auditing Scheme Based on User Authorization in Cloud Storage

下载PDF

导出

摘要云存储具有存储量大、可扩展和成本低等优点,越来越多的用户选择把数据存储在云存储服务器端。云存储的可用性、高可靠性及数据共享服务等在给用户带来便利的同时,也会导致诸多安全问题,其中数据的完整性研究成为近期研究的热点。目前已有很多数据审计方案,但它们不能高效实现数据的细粒度更新操作。为了解决这一问题,文章提出一种支持细粒度更新的大数据完整性审计方案。首先,设计了一种支持细粒度更新的认证数据结构——动态索引表。在数据插入和删除操作过程中,动态索引表中的元素不需要进行移动,提高了数据更新的效率。其次,为了避免恶意攻击者对云存储服务器发起拒绝服务攻击,文章提出了一种基于用户授权的大数据完整性审计方案,即只有用户合法授权的第三方审计者才能发起完整性审计挑战,提高了系统的安全性。最后,模拟实验证明,文章提出的方案具有较高的数据审计运算效率。 As cloud storage has many advantages, such as large storage, scalability and low-cost, more and more users choose to store their big data on the remote cloud storage server. The availability, high reliability and data sharing services of cloud storage not only bring convenience to users, but also lead to many security problems and among them, the research on data integrity has become a hot topic in recent years. Recently, lots of auditing schemes have been proposed, but these schemes can’t efficiently realize fine-grained updating operations. To solve the problem, this paper propose a big data integrity audit scheme supporting fine-grained updating operations. Firstly, we design an authenticated data structure supporting fine-grained updating—dynamic index table. In the process of data insertion and deletion, the elements in the dynamic index table don’t need to be moved, so that the efficiency of data dynamic updating is improved. Secondly, in order to prevent malicious parties from launching denial-of-service attacks to the cloud storage server, this paper propose a big data integrity audit scheme based on user authorization. That is, only thirdparty verifiers authorized by users can initiate integrity verification challenges which improve system security. Finally, the simulation experiments show that this auditing scheme is of high efficiency.

作者鲁秀青咸鹤群 LU Xiuqing;XIAN Hequn(College of Completer Science and Technology, Qingdao University, Qingdao Shandong 266071, China;College of Business, Qingdao University, Qingdao Shandong 266071, China)

机构地区青岛大学计算机科学与技术学院青岛大学商学院

出处《信息网络安全》 CSCD 北大核心 2018年第4期32-37,共6页 Netinfo Security

基金国家自然科学基金[61303197] 山东省自然科学基金[ZR2013FQ005]

关键词云存储大数据完整性细粒度审计 cloud storage big data integrity fine-grained auditing

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献3

1王文旭,张健,常青,顾兆军.云计算虚拟化平台安全问题研究[J].信息网络安全,2016(9):163-168. 被引量：16
2李宏军,郎为民,邓刚.一种高效的大数据中心完整性检查方案研究[J].信息网络安全,2016(5):1-8. 被引量：12
3张键红,李鹏燕.一种有效的云存储数据完整性验证方案[J].信息网络安全,2017(3):1-5. 被引量：12

二级参考文献40

1FRANK F, MARCOS K.移动云计算:无线、移动和社交网络中分布式资源的开发利用[M].郎为民,译.北京:机械工业出版社,2015.
2BOYENX, WATERS B.Ful卜domain Subgroup Hiding andConstant-size Group Signatures [C]//IEEE. PKC 2007.10th InternationalConference on Practice and Theory in Public-Key Cryptography April16-20,2007,Beijing, China.NJ : IEEE, 2007: 1-15.
3MAJI H K, PRABHAKARAN M, ROSULEK M. Attribute-ased Signatures [EB/OL].http://eprint.iacr.org/2010/595.pdf, 2010-11-22.
4DOIDSY,YAMPOLSKIY A. A Verifiable Random Function withShort Proofi and Keys[C]//IEEE. PKC 2005.8th International Workshopon Theory and Practice in Public Key Cryptography, January 23-26,2005,Les Diablerets, Switzerland. NJ : IEEE, 416-431.
5SHACHAMH, WATEWRS . Compact Proofe of Retrievability [J].Journal of Cryptology, 2015, 28(3): 442-483.
6HANJ, WU S, MU Y, et al. Improving Privacy and Security inDecentralized Ciphertext-Policy Attribute-Based Encryption[J].IEEETransactions on Information Forensics and Security, 2015, 10(03): 665-678.
7CHIP W,LEI C L.Audit-Free Cloud Storage via DeniableAttribute-based Encryption[J].IEEE Transactions on Cloud Computing,2015,21(7): 865-876.
8ZHOUZ B, HUANG D J, WANG Z .Efficient Privacy-Preserving Ciphertext -Policy Attribute -based Encryption andBroadcast Encryption[J]. IEEE Transactions on Computers, 2015,64(01): 126-138.
9LIC L, CHEN Y,TAN P, et al. An Efficient Provable DataPossession Scheme with Data Dynamics[C]//IEEE. CSSS.Proceedingsof 2012 International Conference on Computer Science & ServiceSystem (CSSS),August 11 - 13,2012 , Nanjing China.NJ : IEEE,2012: 706-710.
10WANGJ X, LI S L. Dynamic Provable Data Possession withBatch-update Verifiability [C]//IEEE. ICADE.Proceedings of 2012 IEEEInternational Conference on Intelligent Control, Automatic Detection andHigh-End Equipment (ICADE). July 27-29,2012, Beijing, China.NJ : IEEE, 2012: 108-113.