摘要
针对云数据完整性公开审计中隐私泄漏给第三方审计者(TPA)以及云存储服务器(CSS)发起替代攻击的问题,提出一种面向公有云的数据完整性公开审计方案。该方案首先利用哈希值混淆方法,模糊化云存储服务器返回的证据,以防止TPA分析证据计算出原始数据;然后,在审计过程中,由TPA自行计算出文件Merkle哈希树(MHT)对应挑战请求所选数据块的覆盖树,并与CSS返回的覆盖树作结构匹配,以防止云存储服务器用其他已有数据响应审计挑战。实验结果表明,该方案解决了现有方案隐私问题及攻击问题后,在计算开销、存储开销和通信开销方面的性能不会有数量级变化。
Aimming at the problem of leaking privacy to Third-Party Auditors(TPA)and initiating alternative attacks by Cloud Storage Server(CSS)in public auditing,a new public auditing scheme of data integrity for public cloud was proposed.Firstly,the hash value obfuscation method was used to obfuscate the evidence returned by the cloud storage server to prevent TPA from analyzing and calculating the original data.Then during the audit process,TPA itself calculated the overlay tree of the Merkle Hash Tree(MHT)corresponding to the challenge request,and matched with the overlay tree returned by CSS to prevent the cloud storage server from responding to audit challenges with other existing data.Experimental results show that the performance in terms of computational overhead,storage overhead and communication overhead does not change by orders of magnitude after solving the privacy and attack problems of the existing scheme.
作者
缪俊敏
冯朝胜
李敏
刘霞
MIAO Junmin;FENG Chaosheng;LI Min;LIU Xia(School of Computer Science,Sichuan Normal University,Chengdu Sichuan 610101,China;School of Information and Software engineering,University of Electronic Science and Technology of China,Chengdu Sichuan 610054,China)
出处
《计算机应用》
CSCD
北大核心
2018年第10期2892-2898,共7页
journal of Computer Applications
基金
国家自然科学基金资助项目(61373163)
国家科技支撑计划项目(2014BAH11F02)
四川省科技支撑计划项目(2015GZ079)~~
关键词
云数据
完整性验证
公开审计
隐私保护
替代攻击
覆盖树
cloud data
integrity authentication
public auditability
privacy protection
alternative attack
overlay tree
