摘要
云存储中的数据在生命周期结束删除时,大多是采用删除密钥的逻辑删除方式进行处理,数据仍存在泄露风险,为此提出了一种基于密文重加密与覆写验证结合的云数据确定性删除方案(WV-CP-ABE)。当数据拥有者想删除外包数据时,通过重新加密密文改变密文对应的访问控制策略来实现数据细粒度删除操作;其次构建基于脏数据块覆写的可搜索路径散列二叉树(DSMHT),对要删除的数据进行覆写后正确性验证;最终采用更改密文访问控制策略和数据覆写双重机制保障数据确定性删除。实验分析证明,所提方案在数据确定性删除方面比以前的逻辑删除方法细粒度控制更好,安全性更可靠。
At the end of data life cycle, there is still a risk of data leakage, because mostly data which was stored in cloud is removed by logical deletion of the key. Therefore, a cloud data assured deletion scheme (WV-CP-ABE) based on ciphertext re-encrypt and overwrite verification was proposed. When data owner wants to delete the outsourced data, the data fine-grained deletion operation was realized by re-encrypting the ciphertext to change the access control policy. Secondly, a searchable path hash binary tree (DSMHT) based on dirty data block overwrite was built to verify the correctness of the data to be deletion. Finally, the dual mechanism of changing the ciphertext access control policy and data overwriting guarantees the data assured deletion. The experimental analysis proves that the fine-grained control is better and the security is more reliable than the previous logical delete method in the assured deletion of data.
作者
杜瑞忠
石朋亮
何欣枫
DU Ruizhong;SHI Pengliang;HE Xinfeng(Cyberspace Security and Computer College, Hebei University, Baoding 071002, China;Key Lab on High Trusted Information System in Hebei Province, Baoding 071002, China)
出处
《通信学报》
EI
CSCD
北大核心
2019年第1期130-140,共11页
Journal on Communications
基金
国家自然科学基金资助项目(No.61572170)
河北省自然科学基金资助项目(No.F2018201153
No.2016205023)
河北省高等学校科学技术研究基金资助项目(No.ZD2016043)
河北省物联网监控工程技术研究中心基金资助项目(No.3142016020)~~
