期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于存储网关的数据安全去重方案 被引量:7

Secure Data Deduplication Scheme Based on Storage Gateway
下载PDF
导出
摘要 在实行客户端去重的云存储系统中,通过所有权证明可以解决攻击者仅凭借文件摘要获得整个文件的问题。然而,基于所有权证明的去重方案容易遭受侧信道攻击。攻击者通过上传文件来观察是否发生去重,即可判断该文件是否存在于云服务器中。基于存储网关提出一种改进的所有权证明去重方案,存储网关代替用户与云服务器进行交互,使得去重过程对用户透明,并采用流量混淆的方法抵抗侧信道攻击和关联文件攻击。分析与比较表明,该方案降低了客户端计算开销,并提高了安全性。 In a cloud storage system with client-side deduplication, proof of ownership can be used to solve the problem of an adversary getting an entire file via the file hash only. However, schemes based on proof of ownership are vulnerable to side-channel attacks. An adversary can observe the occurrence of deduplication by uploading a file and then infer whether the file exists in the cloud server. An improved proof of ownership deduplication scheme based on storage gateway is proposed. Storage gateway, instead of user, interacts with cloud server, so that the deduplication is transparent to the user. The scheme uses the method of traffic obfuscation to resist side-channel attacks and related-files attack. Analyses and comparisons show that the scheme reduces computation overhead on client-side and improves security.
作者 柳毅 王平雁 LIU Yi;WANG Pingyan(School of Computers, Guangdong University of Technology, Guangzhou 510006, China)
机构地区 广东工业大学计算机学院
出处 《计算机工程与应用》 CSCD 北大核心 2019年第17期112-116,149,共6页 Computer Engineering and Applications
基金 国家自然科学基金(No.61572144)
关键词 云存储 数据去重 存储网关 侧信道攻击 所有权证明 cloud storage data deduplication storage gateway side-channel attacks proof of ownership
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献3

二级参考文献52

  • 1Bhagwat D,Pollack K,Long DDE,Schwarz T,Miller EL,P-ris JF.Providing high reliability in a minimum redundancy archival storage system.In:Proc.of the 14th Int'l Symp.on Modeling,Analysis,and Simulation of Computer and Telecommunication Systems (MASCOTS 2006).Washington:IEEE Computer Society Press,2006.413-421.
  • 2Zhu B,Li K.Avoiding the disk bottleneck in the data domain deduplication file system.In:Proc.of the 6th Usenix Conf.on File and Storage Technologies (FAST 2008).Berkeley:USENIX Association,2008.269-282.
  • 3Bhagwat D,Eshghi K,Mehra P.Content-Based document routing and index partitioning for scalable similarity-based searches in a large corpus.In:Berkhin P,Caruana R,Wu XD,Gaffney S,eds.Proc.of the 13th ACM SIGKDD Int'l Conf.on Knowledge Discovery and Data Mining (KDD 2007).New York:ACM Press,2007.105-112.
  • 4You LL,Pollack KT,Long DDE.Deep store:An archival storage system architecture.In:Proc.of the 21st Int'l Conf.on Data Engineering (ICDE 2005).Washington:IEEE Computer Society Press,2005.804-815.
  • 5Quinlan S,Dorward S.Venti:A new approach to archival storage.In:Proc.of the 1st Usenix Conf.on File and Storage Technologies (FAST 2002).Berkeley:USENIX Association,2002.89-102.
  • 6Sapuntzakis CP,Chandra R,Pfaff B,Chow J,Lam MS,Rosenblum M.Optimizing the migration of virtual computers.In:Proc.of the 5th Symp.on Operating Systems Design and Implementation (OSDI 2002).New York:ACM Press,2002.377-390.
  • 7Rabin MO.Fingerprinting by random polynomials.Technical Report,CRCT TR-15-81,Harvard University,1981.
  • 8Rivest R.The MD5 message-digest algorithm.1992.http://www.python.org/doc/current/lib/module-md5.html.
  • 9U.S.National Institute of Standards and Technology (NIST).Federal Information Processing Standards (FIPS) Publication 180-1:Secure Hash Standard.1995.http://www.itl.nist.gov/fipspubs/fip180-1.htm.
  • 10U.S.National Institute of Standards and Technology (NIST).Federal Information Processing Standards (FIPS) Publication 180-2:Secure Hash Standard.2002.http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf.

共引文献154

同被引文献62

引证文献7

二级引证文献24

计算机工程与应用
2019年 第17期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部