一种基于MB+树的网络共享数据查询和检验方法

Approach of query authentication for data sharing online based on MB + tree

网络数据共享机制将数据置于远程网络服务商处并通过外部访问接口进行共享,用户无须保存数据副本,网络服务商负责数据的安全保障,因此无副本情况下数据用户对网络服务商处存储数据的查询和安全校验至关重要。分析目前对远程存储数据查询和检验常用的Merkle散列树方法,就其对大规模数据进行检验时存在验证过程冗余、验证辅助数据量大等不足,提出一种基于MB+树的网络共享数据查询和检验方法,帮助数据用户确认位于网络服务商处数据的正确性和完整性。利用MB+树非叶节点包含多出度、叶节点直接映射数据等特性对数据文件进行抽象组织,避免Merkle散列树的节点数和深度随数据文件块的增多而呈线性增长的问题,同时缩短检验过程中的查询认证路径,减少检验所需的辅助认证信息,有效地控制了时间和空间消耗。通过实验分析可知,相较于常用的方法(如Merkle散列树),处理大规模数据时MB+树更易于构建,也能够更加快速地查询和检验数据文件。

Data sharing online is now being wildly used through many applications.In this mode,data is uploaded to network service providers by data owners.So it is shared by network service providers instead of data owners and can be accessed through external interface by any other users.Then there is no need for data owners to keep the copy of their data.Due to the reputation of network service providers,query authentication for data sharing online by data owners becomes important.This paper applied traditional Merkle hash tree to ensure the correctness and integrity of data remotely stored.Considering the disadvantages of Merkle hash tree such as redundant verification procedures,large auxiliary verifications and so on,this paper proposed a new approach of query authentication for these data based on MB+tree.It constructed MB+tree by partitions of data under verification,and its leaf nodes were directly mapped to certain partitions.Tree authentication algorithm through MB+tree could check the validity of any random partition.Compared with Merkle hash tree,experimental results show that this approach has the advantages of less query paths,lower auxiliary verifications,and moderate complexity.